[Resource Topic] 2024/1693: A notion on S-boxes for a partial resistance to some integral attacks

Welcome to the resource topic for 2024/1693

Title:
A notion on S-boxes for a partial resistance to some integral attacks

Authors: Claude Carlet

Abstract:

In two recent papers, we introduced and studied the notion of $k$th-order sum-freedom of a vectorial function $F:\mathbb F_2^n\to \mathbb F_2^m$. This notion generalizes that of almost perfect nonlinearity (which corresponds to $k=2$) and has some relation with the resistance to integral attacks of those block ciphers using $F$ as a substitution box (S-box), by preventing the propagation of the division property of $k$-dimensional affine spaces. In the present paper, we show that this notion, which is rarely satisfied by vectorial functions, can be weakened while retaining the property that the S-boxes do not propagate the division property of $k$-dimensional affine spaces. This leads us to the property that we name $k$th-order $t$-degree-sum-freedom, whose strength decreases when $t$ increases, and which coincides with $k$th-order sum-freedom when $t=1$. The condition for $k$th-order $t$-degree-sum-freedom is that, for every $k$-dimensional affine space $A$, there exists a non-negative integer $j$ of 2-weight at most $t$ such that $\sum_{x\in A}(F(x))^j\neq 0$. We show, for a general $k$th-order $t$-degree-sum-free function $F$, that $t$ can always be taken smaller than or equal to $\min(k,m)$ under some reasonable condition on $F$, and that it is larger than or equal to $\frac{k}{\deg(F)}$, where $\deg(F)$ is the algebraic degree of $F$. We study examples for $k=2$ (case in which $t=1$ corresponds to APNness) showing that finding $j$ of 2-weight 2 can be challenging, and we begin the study of power functions, and in particular, of the multiplicative inverse function (used as S-box in the AES), for which we extend to $k$th-order $t$-degree-sum-freedom the result that it is $k$th-order sum-free if and only if it is $(n-k)$th-order sum-free. We begin the study of the cases of $k\in \{2,3,n-3,n-2,n-1,n\}$.

ePrint: https://eprint.iacr.org/2024/1693

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.
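
As an added example (not code from the paper or its author), the following brute-force check applies the abstract's definition of $k$th-order $t$-degree-sum-freedom to power functions. It assumes $m=n=4$ with the field $\mathbb F_{16}=\mathbb F_2[x]/(x^4+x+1)$; all function names are chosen for this example.

```python
from functools import reduce
from itertools import combinations
from operator import xor

N, POLY = 4, 0b10011  # assumed field: F_16 = F_2[x]/(x^4 + x + 1), with m = n

def gf_mul(a, b):
    """Carry-less multiplication reduced modulo POLY."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a >> N:
            a ^= POLY
        b >>= 1
    return r

def gf_pow(a, e):
    """Square-and-multiply; a^0 = 1 for every a, including 0."""
    r = 1
    while e:
        if e & 1:
            r = gf_mul(r, a)
        a, e = gf_mul(a, a), e >> 1
    return r

def power_sbox(d):
    """Table of the power function x -> x^d (d = 2^N - 2 is the inverse)."""
    return [gf_pow(x, d) for x in range(1 << N)]

def affine_spaces(k):
    """Yield each k-dimensional affine subspace of F_2^N exactly once."""
    seen = set()
    for basis in combinations(range(1, 1 << N), k):
        span = {0}
        for v in basis:
            span |= {s ^ v for s in span}
        if len(span) != 1 << k:  # basis was linearly dependent
            continue
        for a in range(1 << N):
            coset = frozenset(a ^ s for s in span)
            if coset not in seen:
                seen.add(coset)
                yield coset

def is_degree_sum_free(sbox, k, t):
    """True if every k-dim affine A has a j of 2-weight <= t with nonzero sum."""
    # j in 0..2^N-1 suffices because y^(2^N) = y for every field element y
    exps = [j for j in range(1 << N) if bin(j).count("1") <= t]
    return all(any(reduce(xor, (gf_pow(sbox[x], j) for x in A), 0) for j in exps)
               for A in affine_spaces(k))

def min_t(sbox, k):
    """Smallest t for which sbox is kth-order t-degree-sum-free, or None."""
    return next((t for t in range(1, N + 1) if is_degree_sum_free(sbox, k, t)), None)
```

With these assumptions, `min_t(power_sbox(3), 2)` is 1 because $x^3$ is APN, while the identity map needs $t=2$ for $k=2$, matching the abstract's lower bound $\frac{k}{\deg(F)}$.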