Vectorial Boolean functions and linear codes in the context of algebraic attacks
Related papers
Algebraic Immunity for Cryptographically Significant Boolean Functions: Analysis and Construction
IEEE Transactions on Information Theory, 2006
Recently, algebraic attacks have received a lot of attention in the cryptographic literature. It has been observed that a Boolean function used as a cryptographic primitive, and interpreted as a multivariate polynomial over GF(2), should not have low degree multiples obtained by multiplication with low degree nonzero functions. In this paper, we show that a Boolean function having low nonlinearity is (also) weak against algebraic attacks, and we extend this result to higher order nonlinearities. Next, we present enumeration results on linearly independent annihilators. We also study certain classes of highly nonlinear resilient Boolean functions for their algebraic immunity. We identify that functions having low-degree subfunctions are weak in terms of algebraic immunity, and we analyze some existing constructions from this viewpoint. Further, we present a construction method to generate Boolean functions on $n$ variables with highest possible algebraic immunity $\lceil n/2 \rceil$ (this construction, first presented at the 2005 Workshop on Fast Software Encryption (FSE 2005), has been the first one producing such functions). These functions are obtained through a doubly indexed recursive relation. We calculate their Hamming weights and deduce their nonlinearities; we show that they have very high algebraic degrees. We express them as the sums of two functions which can be obtained from simple symmetric functions by a transformation which can be implemented with an algorithm whose complexity is linear in the number of variables. We deduce a very fast way of computing the output to these functions, given their input.
Boolean Functions with Maximum Algebraic Immunity Based on Properties of Punctured Reed–Muller Codes
Lecture Notes in Computer Science, 2016
The algebraic immunity of Boolean functions is studied in this paper. More precisely, having the prominent Carlet-Feng construction as a starting point, we propose a new method to construct a large number of functions with maximum algebraic immunity. The new method is based on deriving new properties of minimal codewords of the punctured Reed-Muller code $\mathrm{RM}\left(\frac{n-1}{2}, n\right)$ for any $n$, allowing, if $n$ is odd, for efficiently generating large classes of new functions that cannot be obtained by other known constructions. It is shown that high nonlinearity, as well as good behavior against fast algebraic attacks, is also attainable.
Keywords: Algebraic attack, Algebraic immunity, Annihilators, Boolean functions, Cryptography, Reed-Muller codes.
Mathematics Subject Classification: 94A60, 06E30.
Part of this work has been presented at the BalkanCryptSec 2015, Koper, Slovenia, 3-4 September 2015 [18]. The results on functions with odd number of variables have been extended, providing a wider class of functions (i.e., Theorem 6, Alg. modifyCF and Propositions 10, 11 and 12 are new), whereas new subsections have been added with results on functions with even number of variables (Sects. 3.2 and 4.2). Moreover, the results of Sect. 3 have been extended to cover the even case too. Communicated by C. Carlet.
On Some Necessary Conditions of Boolean Functions to Resist Algebraic Attacks
2006
In this thesis we discuss certain properties of Boolean functions that are necessary for resistance against algebraic and fast algebraic attacks. A Boolean function $f(x_1, \ldots, x_n)$ on $n$ variables may be described as a multivariate polynomial over GF(2) and it is well known that its algebraic degree $d$ should not be low if it has to be used as a primitive in a well designed cryptosystem. Recently, it has been noted that a necessary condition in resisting algebraic attack is as follows: the function $f$ should not have a relation $fg = h$, where $g, h$ are nonzero $n$-variable Boolean functions of low degrees. This condition boils down to the situation that the function $f$ should not have relations like $fh_1 = 0$ or $(1 + f)h_2 = 0$, where $h_1, h_2$ are nonzero $n$-variable Boolean functions of low degrees. The function $h_1$ (respectively $h_2$) is called the annihilator of $f$ (respectively $1 + f$). The notation $AI_n(f)$ is used to denote the minimum degree of the annihilators of $f$ or $1 + f$. This is well know...
2005
Algebraic attack has recently become an important tool in cryptanalysing different stream and block cipher systems. A Boolean function, when used in some cryptosystem, should be designed properly to resist this kind of attack. The cryptographic property of a Boolean function, that resists algebraic attack, is known as Algebraic Immunity (AI). So far, the attempt in designing Boolean functions with required algebraic immunity was only ad-hoc, i.e., the functions were designed keeping in mind the other cryptographic criteria, and then it has been checked whether it can provide good algebraic immunity too. For the first time, in this paper, we present a construction method to generate Boolean functions on $n$ variables with highest possible algebraic immunity $\lceil n/2 \rceil$. Such a function can be used in conjunction with (using direct sum) functions having other cryptographic properties. In a different direction we identify that functions, having low degree subfunctions, are weak in terms of algebraic immunity and analyse some existing constructions from this viewpoint.
On the Algebraic Immunity of Symmetric Boolean Functions
Lecture Notes in Computer Science, 2005
In this paper, we analyse the algebraic immunity of symmetric Boolean functions. We identify a set of lowest degree annihilators for symmetric functions and propose an efficient algorithm for computing the algebraic immunity of a symmetric function. The existence of several symmetric functions with maximum algebraic immunity is proven. In this way, a new class of functions which have good implementation properties and maximum algebraic immunity is found. We also investigate the existence of symmetric functions with high nonlinearity and reasonable order of algebraic immunity. Finally, we give suggestions on how to use symmetric functions in a stream cipher.
Algebraic Immunity of Boolean Functions - Analysis and Construction
Computación y sistemas, 2009
In this paper, we first analyse the method of finding algebraic immunity of a Boolean function. Given a Boolean function f on n-variables, we identify a reduced set of homogeneous linear equations by solving which one can decide whether there exist annihilators of f at a specific degree. Moreover, we analyse how an affine transformation on the input variables of f can be exploited to achieve further reduction in the set of homogeneous linear equations. Next, from the design point of view, we construct balanced Boolean functions with maximum possible AI with an additional property which is necessary to resist the fast algebraic attack.
Upper Bounds on Algebraic Immunity of Boolean Power Functions
2006
Algebraic attacks have received a lot of attention in studying security of symmetric ciphers. The function used in a symmetric cipher should have high algebraic immunity ($\mathcal{AI}$) to resist algebraic attacks. In this paper we are interested in finding $\mathcal{AI}$ of Boolean power functions. We give an upper bound on the $\mathcal{AI}$ of any Boolean power function and a formula to find its corresponding low degree multiples. We prove that the upper bound on the $\mathcal{AI}$ for Boolean power functions with Inverse, Kasami and Niho exponents are $\lfloor \sqrt{n} \rfloor + \lceil \frac{n}{\lfloor \sqrt{n} \rfloor} \rceil - 2$, $\lfloor \sqrt{n} \rfloor + \lceil \frac{n}{\lfloor \sqrt{n} \rfloor} \rceil$ and $\lfloor \sqrt{n} \rfloor + \lceil \frac{n}{\lfloor \sqrt{n} \rfloor} \rceil$ respectively. We also generalize this idea to Boolean polynomial functions. All existing algorithms to determine $\mathcal{AI}$ and corresponding low degree multiples become too complex if the function has more than 25 variables. In our approach no algorithm is required. The $\mathcal{AI}$ and low degree multiples can be obtained directly from the given formula.
Secondary constructions of Boolean functions with maximum algebraic immunity
Cryptography and Communications, 2013
The algebraic immunity of cryptographic Boolean functions with odd number of variables is studied in this paper. Proper modifications of functions with maximum algebraic immunity are proved that yield new functions whose algebraic immunity is also maximum. Several results are provided for both the multivariate and univariate representation, and their applicability is shown on known classes of Boolean functions. Moreover, new efficient algorithms to produce functions of guaranteed maximum algebraic immunity are developed, which further extend and generalize well-known constructions in this area. It is shown that high nonlinearity as well as good behavior against fast algebraic attacks are also achievable in several cases.
Modifying Boolean Functions to Ensure Maximum Algebraic Immunity
2014
Abstract: The algebraic immunity of cryptographic Boolean functions is studied in this paper. Proper modifications of functions achieving maximum algebraic immunity are proved, in order to yield new functions of also maximum algebraic immunity. It is shown that the derived results apply to known classes of functions. Moreover, two new efficient algorithms to produce functions of guaranteed maximum algebraic immunity are developed, which further extend and generalize known constructions of functions with maximum algebraic immunity. Index Terms: algebraic attack, algebraic immunity, annihilators, Boolean functions, cryptography.