• PDF / 2,844,095 Bytes
• 17 Pages / 439.642 x 666.49 pts Page_size
• 33 Downloads / 195 Views

DOWNLOAD

REPORT

Cryptographic properties of small bijective S-boxes with respect to modular addition 1 ´ ´ s Jokay Pavol Zajac1 · Matuˇ

Received: 30 August 2019 / Accepted: 28 June 2020 / © Springer Science+Business Media, LLC, part of Springer Nature 2020

Abstract We define affine equivalence of S-boxes with respect to modular addition, and explore its use in cryptanalysis. We have identified classes of small bijective S-boxes with respect to this new equivalence, and experimentally computed their properties. Keywords S-boxes · Cryptanalysis · Modular addition Mathematics Subject Classification (2010) 94A60 · 11T71 · 14G50

1 Introduction The study of Boolean functions has an important place in the design of cryptographic ciphers. The Advanced Encryption Standard (AES), which is a current standard of the U.S. National Institute of Standards and Technology (NIST), benefits from theoretically designed [11] S-boxes with high non-linearity [18] and flat differential profile [19]. Note that already in [19], the question was posed of whether the theoretical approach of constructing S-boxes is relevant when an attacker uses a notion of difference other than XOR. While not directly relevant to AES, there are various cipher designs that use addition modulo 2n instead of, or in addition to, an XOR operation. An example is the Ukrainian standard Kalyna [20] that is very similar to AES, but the initial and final key addition layer is realized with addition modulo 264 . Another example is the Russian standard GOST 28147-89 [25]. GOST 28147-89 has a Feistel structure, in which the round function contains key addition, which is realized

This article belongs to the Topical Collection: Boolean Functions and Their Applications IV Guest Editors: Lilya Budaghyan and Tor Helleseth This research was supported by grant VEGA 1/0159/17.  Pavol Zajac

[email protected] Mat´usˇ J´okay [email protected] 1

Slovak University of Technology in Bratislava, Ilkoviˇcova 3, Bratislava, 812 19, Slovakia

Cryptography and Communications

modulo 232 , followed by an S-box layer (using small 4-bit S-boxes) and a diffusion layer realized by bit rotation. In the case of GOST, or a similar encryption scheme, an attacker is very likely to consider differential cryptanalysis based on differences with respect to modular addition instead of an XOR operation. Recently, the interest in different types of differences in cryptanalysis was reawakened by the approach of [8], later expanded in [10]. This approach applies to the case when S-boxes with good cryptographic properties (such as high non-linearity and a flat differential profile) are used in the design of a cipher. However, the S-boxes contain a hidden weakness: they are cryptographically weak against other algebraic operations, which can be used by the attacker to mount a modified differential attack. The study in [10] focuses on differential attacks using a hidden algebraic structure in the whole cipher. An alternative additive operation is chosen so that one S-box is weakened, and also the linear layer remain

Recommend Documents

The Delicate Issues of Addition with Respect to XOR Differences

207 110 309KB

Outsourcing Modular Exponentiation in Cryptographic Web Applications

148 44 322KB

Petrographic properties with respect to VM content of coal

161 41 65MB

Analysis of mixing properties of the operations of modular addition and bitwise addition defined on one carrier

139 90 132KB

Security Issues with Respect to Celestial Bodies

165 18 32MB

System Architecture with Respect to Indoor Localization

197 117 6MB

Small Modular Reactors as Renewable Energy Sources

253 85 12MB

Some geometric properties of matrix means with respect to different metrics

236 43 407KB

Geometry of submanifolds with respect to ambient vector fields

182 114 6MB

Invariance of Keys with Respect to Operations of Table Algebras

195 97 147KB

Structural Topology Optimization with Respect to Eigenfrequencies of Vibration

172 38 15MB

Cryptographic Games

164 80 5MB