Abstract
A perfect nonlinear S-box is a substitution transformation with evenly distributed directional derivatives. Since the method of differential cryptanalysis presented by E. Biham and A. Shamir makes use of nonbalanced directional derivatives, the perfect nonlinear S-boxes are immune to this attack. The main result is that for a perfect nonlinear S-box the number of input variables is at least twice the number of output variables. Also two different construction methods are given. The first one is based on the Maiorana-McFarland construction of bent functions and is easy and efficient to implement. The second method generalizes Dillon’s construction of difference sets.
Chapter PDF
Similar content being viewed by others
Keywords
- Directional Derivative
- Bend Function
- Linear Feedback Shift Register
- Bent Function
- Differential Cryptanalysis
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
C. M. Adams and S. E. Tavares, The use of bent sequences to achieve higher-order strict avalanche criterion in S-box design, IEE Proceedings (to appear).
E. Biham and A. Shamir, Differential cryptanalysis of DES-like cryptosystems, Proceedings of Crypto’ 90 (to appear).
D. Chaum and J. H. Evertse, Cryptanalysis of DES with a reduced number of rounds, Advances in Cryptology, Proceedings of Crypto’ 85, Springer-Verlag 1986, 192–211.
M. H. Dawson and S. E. Tavares, An expanded set of s-box design criteria based on information theory and its relation to differential-like attacks, These Proceedings.
J. Denes and A. D. Keedwell, “Latin squares and their applications,” The English Universities Press Ltd, London, 1974.
J. F. Dillon, Elementary Hadamard difference sets, Proceedings of the Sixth Southeastern Conference on Combinatorics, Graph Theory and Computing, Boca Raton, Florida (1975), 237–249; Congressus Numerantium No. XIV, Utilitas Math., Winnipeg, Manitoba (1975).
P. V. Kumar, R. A. Scholtz and L. R. Welch, Generalized bent functions and their properties, J. Combinatorial Theory, Ser. A 40 (1985), 90–107.
A. Lempel and M. Cohn, Maximal families of bent sequences, IEEE Trans. Inform. Theory IT-28 (1982), 865–868.
R. Lidl and H. Niederreiter, “Finite fields. Encyclopedia of Mathematics and its applications, Vol. 20,” Addison-Wesley, Reading, Massachusetts, 1983.
H. B. Mann, The construction of orthogonal Latin squares, Ann. Math. Statist. 13 (1942), 418–423.
R. L. McFarland, A family of difference sets in non-cyclic groups, J. Combinatorial Theory, Ser. A 15 (1973), 1–10.
W. Meier and O. Staffelbach, Nonlinearity criteria for cryptographic functions, Proceedings of Eurocrypt’ 89, Springer 1990, 549–562.
K. Nyberg, Constructions of bent functions and difference sets, Proceedings of Eurocrypt’ 90, Springer-Verlag 1991, 151–160.
B. Preneel et al., Propagation characteristics of Boolean bent functions, Proceedings of Eurocrypt’ 90, Springer-Verlag 1991, 161–173.
O. S. Rothaus, On “bent” functions, J. Combinatorial Theory, Ser. A 20 (1976), 300–305.
R. A. Rueppel, Stream Ciphers, in “Contemporary Cryptology: The Science of Information Integrity,” edited by Gustavus Simmons, IEEE Press (to appear).
R. Yarlagadda and J. E. Hershey, Analysis and synthesis of bent sequences, IEE Proceedings 136 (1989), 112–123.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1991 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Nyberg, K. (1991). Perfect nonlinear S-boxes. In: Davies, D.W. (eds) Advances in Cryptology — EUROCRYPT ’91. EUROCRYPT 1991. Lecture Notes in Computer Science, vol 547. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-46416-6_32
Download citation
DOI: https://doi.org/10.1007/3-540-46416-6_32
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-54620-7
Online ISBN: 978-3-540-46416-7
eBook Packages: Springer Book Archive