An Efficient Affine Equivalence Algorithm for Multiple S-Boxes and a Structured Affine Layer

An affine equivalence problem is to find affine mappings A and B such that \(F=B\circ S\circ A\) for given two permutations F and S, which was first studied by Biryukov et al. Their algorithm for solving an affine equivalence problem is quite efficient and has been used in the cryptanalytic toolbox for many cryptographic schemes. Recently, Baek et al. presented a specialized affine equivalence algorithm (SAEA), which solves an affine equivalence problem in the case that S is a concatenation of several smaller S-boxes. The SAEA is more efficient than the affine equivalence algorithm for special cases, but its complexity mainly depends on the entire input size of F.

[1]  Paul C. van Oorschot,et al.  White-Box Cryptography and an AES Implementation , 2002, Selected Areas in Cryptography.

[2]  Alex Biryukov,et al.  A Toolbox for Cryptanalysis: Linear and Affine Equivalence Algorithms , 2003, EUROCRYPT.

[3]  Olivier Billet,et al.  Cryptanalysis of a White Box AES Implementation , 2004, Selected Areas in Cryptography.

[4]  Lei Hu,et al.  Analysis of the SMS4 Block Cipher , 2007, ACISP.

[5]  Paul C. van Oorschot,et al.  A White-Box DES Implementation for DRM Applications , 2002, Digital Rights Management Workshop.

[6]  Adi Shamir,et al.  Minimalism in Cryptography: The Even-Mansour Scheme Revisited , 2012, EUROCRYPT.

[7]  Gregor Leander,et al.  On the Classification of 4 Bit S-Boxes , 2007, WAIFI.

[8]  Wil Michiels,et al.  Cryptanalysis of a Generic Class of White-Box Implementations , 2009, Selected Areas in Cryptography.

[9]  Xuejia Lai,et al.  A Secure Implementation of White-Box AES , 2009, 2009 2nd International Conference on Computer Science and its Applications.

[10]  Ferruh Özbudak,et al.  On Verification of Restricted Extended Affine Equivalence of Vectorial Boolean Functions , 2014, WAIFI.

[11]  Bart Preneel,et al.  Cryptanalysis of the Xiao - Lai White-Box AES Implementation , 2012, Selected Areas in Cryptography.

[12]  Jung Hee Cheon,et al.  White-box AES implementation revisited , 2016, Journal of Communications and Networks.

[13]  Markku-Juhani O. Saarinen Cryptographic Analysis of All 4 x 4 - Bit S-Boxes , 2011, IACR Cryptol. ePrint Arch..

[14]  Yishay Mansour,et al.  A construction of a cipher from a single pseudorandom permutation , 1997, Journal of Cryptology.

[15]  Mohamed Karroumi,et al.  Protecting White-Box AES with Dual Ciphers , 2010, ICISC.