Cryptographic properties of the hidden weighted bit function

Abstract: The hidden weighted bit function (HWBF), introduced by R. Bryant in IEEE Trans. Comp. 40 and revisited by D. Knuth in Vol. 4 of The Art of Computer Programming, seems to be the simplest function with exponential Binary Decision Diagram (BDD) size. This property is interesting from a cryptographic viewpoint, since BDD-based attacks are receiving more attention in the cryptographic community. But to be usable in stream ciphers, a function must also satisfy all the other main criteria. In this paper, we investigate the cryptographic properties of the HWBF and prove that it is balanced, has optimum algebraic degree, and satisfies the strict avalanche criterion. We calculate its exact nonlinearity and give a lower bound on its algebraic immunity. Moreover, we investigate its normality and its resistance against fast algebraic attacks. The HWBF is simple, can be implemented efficiently, and has a high BDD size and rather good cryptographic properties, if we take into account that its number of variables can be much larger than for other functions with the same implementation efficiency. Therefore, the HWBF is a good candidate for use in real ciphers. Indeed, contrary to the case of symmetric functions, which allow such fast implementation but also offer the attacker some specific possibilities due to their symmetry, its structure is not suspected to be related to such dedicated attacks.
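The claims of balancedness, optimum algebraic degree and the strict avalanche criterion can be checked exhaustively for small n. The following is an added example, not code from the paper; it assumes Bryant's definition f(x) = x_wt(x) with f(0) = 0 (the abstract does not restate it), and the range n = 3..10 and all function names are choices made here.

```python
# Added example: exhaustive check of the abstract's claims for small n.
# Assumes Bryant's definition: f(x) = x_{wt(x)}, with f(0) = 0.

def hwbf_table(n):
    """Truth table of the HWBF; bit i-1 of the index holds x_i."""
    table = []
    for x in range(1 << n):
        w = bin(x).count("1")
        table.append((x >> (w - 1)) & 1 if w else 0)
    return table

def algebraic_degree(table, n):
    """Degree of the ANF, obtained with the binary Moebius transform."""
    anf = list(table)
    for i in range(n):
        for x in range(1 << n):
            if x >> i & 1:
                anf[x] ^= anf[x ^ (1 << i)]
    return max((bin(m).count("1") for m, c in enumerate(anf) if c), default=0)

def satisfies_sac(table, n):
    """SAC: f(x) xor f(x xor e_i) is balanced for every unit vector e_i."""
    half = 1 << (n - 1)
    return all(
        sum(table[x] ^ table[x ^ (1 << i)] for x in range(1 << n)) == half
        for i in range(n)
    )

def nonlinearity(table, n):
    """2^(n-1) - max|W_f|/2, with W_f from a fast Walsh-Hadamard transform."""
    w = [1 - 2 * b for b in table]
    step = 1
    while step < len(w):
        for start in range(0, len(w), 2 * step):
            for j in range(start, start + step):
                w[j], w[j + step] = w[j] + w[j + step], w[j] - w[j + step]
        step *= 2
    return (1 << (n - 1)) - max(abs(v) for v in w) // 2

def profile(n):
    t = hwbf_table(n)
    return {"balanced": sum(t) == 1 << (n - 1),
            "degree": algebraic_degree(t, n),
            "sac": satisfies_sac(t, n),
            "nonlinearity": nonlinearity(t, n)}

if __name__ == "__main__":
    for n in range(3, 11):
        print(n, profile(n))
```

For n = 2 the function reduces to x_1 and the avalanche check fails, which is why the loop starts at n = 3.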
