Computing the Algebraic Immunity Efficiently

The purpose of algebraic attacks on stream and block ciphers is to recover the secret key by solving an overdefined system of multivariate algebraic equations. They become very efficient if this system is of low degree. In particular, they have been used to break stream ciphers immune to all previously known attacks. This kind of attack tends to work when certain Boolean functions used in the ciphering process have either low degree annihilators or low degree multiples. It is therefore important to be able to check this criterion for Boolean functions. We provide in this article an algorithm of complexity $O \left( m^d\right)$ (for fixed d) which is able to prove that a given Boolean function in m variables has no annihilator nor multiple of degree less than or equal to d. This complexity is essentially optimal. We also provide a more practical algorithm for the same task, which we believe to have the same complexity. This last algorithm is also able to output a basis of annihilators or multiples when they exist.

[1]  Josef Pieprzyk,et al.  Cryptanalysis of Block Ciphers with Overdefined Systems of Equations , 2002, ASIACRYPT.

[2]  Frederik Armknecht On the Existence of low-degree Equations for Algebraic Attacks , 2004, IACR Cryptol. ePrint Arch..

[3]  Jean-Charles Faugère,et al.  An Algebraic Cryptanalysis of Nonlinear Filter Generators using Gröbner bases , 2003 .

[4]  Frederik Armknecht,et al.  Improving Fast Algebraic Attacks , 2004, FSE.

[5]  Nicolas Courtois,et al.  On Exact Algebraic [Non-]Immunity of S-Boxes Based on Power Functions , 2006, ACISP.

[6]  Subhamoy Maitra,et al.  Results on Algebraic Immunity for Cryptographically Significant Boolean Functions , 2004, INDOCRYPT.

[7]  Claude Carlet Improving the algebraic immunity of resilient and nonlinear functions and constructing bent functions , 2004, IACR Cryptol. ePrint Arch..

[8]  Claude Carlet,et al.  Algebraic Attacks and Decomposition of Boolean Functions , 2004, EUROCRYPT.

[9]  Bart Preneel,et al.  On the Algebraic Immunity of Symmetric Boolean Functions , 2005, INDOCRYPT.

[10]  F. Didier,et al.  A New Upper Bound on the Block Error Probability After Decoding Over the Erasure Channel , 2006, IEEE Transactions on Information Theory.

[11]  Subhamoy Maitra,et al.  Basic Theory in Construction of Boolean Functions with Maximum Possible Annihilator Immunity , 2006, Des. Codes Cryptogr..

[12]  Willi Meier,et al.  Fast Algebraic Attacks on Stream Ciphers with Linear Feedback , 2003, CRYPTO.

[13]  Nicolas Courtois Fast Algebraic Attacks on Stream Ciphers with Linear Feedback , 2003, CRYPTO.