Differentially 4-uniform bijections by permuting the inverse function

Block ciphers use substitution boxes (S-boxes) whose aim is to create confusion into the cryptosystems. Functions used as S-boxes should have low differential uniformity, high nonlinearity and algebraic degree larger than 3 (preferably strictly larger). They should be fastly computable; from this viewpoint, it is better when they are in even number of variables. In addition, the functions should be bijections in a substitution-permutation network. Almost perfect nonlinear (APN) functions have the lowest differential uniformity 2 and the existence of APN bijections over $$\mathbb {F}_{2^n}$$F2n for even $$n\ge 8$$n≥8 is a big open problem. In the present paper, we focus on constructing differentially 4-uniform bijections suitable for designing S-boxes for block ciphers. Based on the idea of permuting the inverse function, we design a construction providing a large number of differentially 4-uniform bijections with maximum algebraic degree and high nonlinearity. For every even $$n\ge 12$$n≥12, we mathematically prove that the functions in a subclass of the constructed class are CCZ-inequivalent to known differentially 4-uniform power functions and to quadratic functions. This is the first mathematical proof that the functions in an infinite class of differentially 4-uniform bijections are CCZ-inequivalent to known differentially 4-uniform power functions and to quadratic functions. We also get a naive lower bound on the nonlinearity of our functions, which can be very high in some cases, and obtain improved lower bounds on the nonlinearity for three special subcases of functions which are extremely large.

[1]  F. MacWilliams,et al.  The Theory of Error-Correcting Codes , 1977 .

[2]  Lars R. Knudsen,et al.  Truncated and Higher Order Differentials , 1994, FSE.

[3]  Yin Tan,et al.  Binomial differentially 4 uniform permutations with high nonlinearity , 2012, Finite Fields Their Appl..

[4]  Claude Carlet,et al.  New classes of almost bent and almost perfect nonlinear polynomials , 2006, IEEE Transactions on Information Theory.

[5]  Claude Carlet,et al.  On Known and New Differentially Uniform Functions , 2011, ACISP.

[6]  G. Lachaud,et al.  The weights of the orthogonals of the extended quadratic binary Goppa codes , 1990, IEEE Trans. Inf. Theory.

[7]  Carl Bracken,et al.  A highly nonlinear differentially 4 uniform power mapping that permutes fields of even degree , 2009, Finite Fields Their Appl..

[8]  Mitsuru Matsui,et al.  Linear Cryptanalysis Method for DES Cipher , 1994, EUROCRYPT.

[9]  Kaisa Nyberg,et al.  Differentially Uniform Mappings for Cryptography , 1994, EUROCRYPT.

[10]  Yin Tan,et al.  Constructing Differentially 4-Uniform Permutations Over ${\BBF}_{2^{2k}}$ via the Switching Method , 2013, IEEE Transactions on Information Theory.

[11]  Alexander Pott,et al.  A new almost perfect nonlinear function which is not quadratic , 2008, Adv. Math. Commun..

[12]  Claude E. Shannon,et al.  Communication theory of secrecy systems , 1949, Bell Syst. Tech. J..

[13]  Eli Biham,et al.  Differential cryptanalysis of DES-like cryptosystems , 1990, Journal of Cryptology.

[14]  Claude Carlet,et al.  Codes, Bent Functions and Permutations Suitable For DES-like Cryptosystems , 1998, Des. Codes Cryptogr..

[15]  Yongqiang Li,et al.  Constructing differentially 4-uniform permutations over GF(22m) from quadratic APN permutations over GF(22m+1) , 2014, Des. Codes Cryptogr..

[16]  Xiaohu Tang,et al.  New Construction of Differentially 4-Uniform Bijections , 2013, Inscrypt.

[17]  Lei Hu,et al.  Constructing new differentially 4-uniform permutations from the inverse function , 2014, Finite Fields Their Appl..