Relating undisturbed bits to other properties of substitution boxes

2015-01-01
Makarim, Rusydi H.
Tezcan, Cihangir
Recently it was observed that for a particular nonzero input difference to an S-Box, some bits in all the corresponding output differences may remain invariant. These specific invariant bits are called undisturbed bits. Undisturbed bits can also be seen as truncated differentials with probability 1 for an S-Box. The existence of undisturbed bits was found in the S-Box of Present and its inverse. A 13-round improbable differential attack on Present was provided by Tezcan; without using the undisturbed bits in the S-Box, an attack of this type can only reach 7 rounds. Although the observation and the cryptanalytic application of undisturbed bits are given, their relation to other properties of an S-Box remains unknown. This paper presents some results on mathematical properties of S-Boxes having undisturbed bits. We show that an S-Box has undisturbed bits if any of its coordinate functions has a nontrivial linear structure. The relation of undisturbed bits to other cryptanalytic tools such as the difference distribution table (DDT) and the linear approximation table (LAT) is also given. We show that the autocorrelation table is a more useful tool than the DDT for obtaining all nonzero input differences that yield undisturbed bits. The autocorrelation table can then be viewed as a counterpart of the DDT for truncated differential cryptanalysis. Given an n × m balanced S-Box, we state that the S-Box has undisturbed bits whenever any of its coordinate functions is quadratic.
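The definition above can be checked directly on the Present S-Box. The following is an added example, not code from the paper: it finds undisturbed bits once by enumerating output differences and once from the autocorrelation of each coordinate function. The function names, the bit numbering (bit 0 is the least significant) and the restriction to coordinate functions are assumptions of this sketch.

```python
# Present S-Box, as given in the cipher's public specification.
PRESENT_SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
                0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]

def undisturbed_by_differences(sbox, m):
    """Return {input difference a: {output bit i: constant value}}."""
    size = len(sbox)
    found = {}
    for a in range(1, size):
        # Every output difference reachable from input difference a.
        diffs = {sbox[x] ^ sbox[x ^ a] for x in range(size)}
        fixed = {}
        for i in range(m):
            values = {(d >> i) & 1 for d in diffs}
            if len(values) == 1:          # bit i never changes: undisturbed
                fixed[i] = values.pop()
        if fixed:
            found[a] = fixed
    return found

def autocorrelation(sbox, i, a):
    """Sum over x of (-1)^(f_i(x) XOR f_i(x XOR a)) for coordinate f_i."""
    return sum(1 - 2 * (((sbox[x] ^ sbox[x ^ a]) >> i) & 1)
               for x in range(len(sbox)))

def undisturbed_by_autocorrelation(sbox, m):
    """Same result, read from autocorrelation values of magnitude 2^n."""
    size = len(sbox)
    found = {}
    for a in range(1, size):
        for i in range(m):
            r = autocorrelation(sbox, i, a)
            if abs(r) == size:            # a is a linear structure of f_i
                found.setdefault(a, {})[i] = 0 if r > 0 else 1
    return found

def truncated_pattern(fixed, m):
    """Render as a truncated difference, MSB first, '?' for unknown bits."""
    return "".join(str(fixed[i]) if i in fixed else "?"
                   for i in reversed(range(m)))

if __name__ == "__main__":
    for a, fixed in sorted(undisturbed_by_differences(PRESENT_SBOX, 4).items()):
        print(f"input difference {a:04b} -> output {truncated_pattern(fixed, 4)}")
```

An autocorrelation value of +2^n means the output bit difference is always 0, and a value of -2^n means it is always 1.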

Suggestions

Relating undisturbed bits to other properties of substitution boxes
Makarim, Rusydi Hasan; Doğanaksoy, Ali; Department of Cryptography (2014)
Recently it was observed that for a particular nonzero input difference to an S-Box, some bits in all the corresponding output differences may remain invariant. This specific invariant bit is called undisturbed bit. Undisturbed bit can also be seen as a truncated differential with probability 1 for an S-Box. The existence of undisturbed bits was found in the S-Box of PRESENT and its inverse. A 13-round improbable differential attack on PRESENT was provided by Tezcan (2013) and without using the undisturbed ...
MDS Matrices Over Rings For Designing Lightweight Block Cipher
Yetişer, Gökçe; Yayla, Oğuz; Department of Cryptography (2021-9-30)
The primary intention of this thesis is to generate lightened Maximum Distance Separable (MDS) matrices so as not to have a high implementation cost while providing solid diffusion to a cipher. In this direction, lightweight cryptography along with the current capabilities of devices and some design principles and permutation layer is given briefly. Next, the diffusion property of block cipher design is studied, where the permutation layer is generally an invertible linear transformation, and they are gener...
Constructions of resilient boolean functions with maximum nonlinearity
Şahin, M. Özgür; Yücel, Melek D; Department of Electrical and Electronics Engineering (2005)
In this thesis, we work on the upper bound for nonlinearity of t-resilient Boolean functions given by Sarkar and Maitra, which is based on divisibility properties of spectral weights of resilient functions and study construction methods that achieve the upper bound. One of the construction methods, introduced by Maity and Johansson, starts with a bent function and complements some values of its truth table corresponding to a previously chosen set of inputs, S, which satisfies three criteria. In this thesis,...
Multi-tone representation of arbitrary waveforms and application to the analysis of nonlinear amplifiers and feedforward linearizers
Mutlu, Ahmet; Demir, Şimşek; Department of Electrical and Electronics Engineering (2005)
Characterization of nonlinear systems is a challenging task as the output can not be expressed simply in terms of input signal. Therefore, a universal analysis method is essential to simplify this procedure. Modeling of the input signal is a crucial part of such analysis. In this thesis, multi-tone representation is employed to model arbitrary, stochastically not well-defined input signals and thereafter characterize nonlinear systems. In order to verify the validity of multitone representation, multi-tone ...
Differential Attacks on Lightweight Block Ciphers PRESENT, PRIDE, and RECTANGLE Revisited
Tezcan, Cihangir; Senol, Asuman; Dogan, Erol; Yucebas, Furkan; Baykal, Nazife (2016-09-21)
Differential distribution and linear approximation tables are the main security criteria for S-box designers. However, there are other S-box properties that, if overlooked by cryptanalysts, can result in erroneous results in theoretical attacks. In this paper we focus on two such properties, namely undisturbed bits and differential factors. We go on to identify several inconsistencies in published attacks against the lightweight block ciphers PRESENT, PRIDE, and RECTANGLE and present our corrections.
Citation Formats
R. H. Makarim and C. Tezcan, “Relating undisturbed bits to other properties of substitution boxes,” 2015, vol. 8898, Accessed: 00, 2020. [Online]. Available: https://hdl.handle.net/11511/32189.