Abstract
Goldreich’s pseudorandom generator is a well-known building block for many theoretical cryptographic constructions from multi-party computation to indistinguishability obfuscation. Its unique efficiency comes from the use of random local functions: each bit of the output is computed by applying some fixed public n-variable Boolean function f to a random public size-n tuple of distinct input bits. The characteristics that a Boolean function f must have to ensure pseudorandomness is a puzzling issue. It has been studied in several works and particularly by Applebaum and Lovett (STOC 2016) who showed that resiliency and algebraic immunity are key parameters in this purpose. In this paper, we propose the first study on Boolean functions that reach together maximal algebraic immunity and high resiliency. (1) We assess the possible consequences of the asymptotic existence of such optimal functions. We show how they allow to build functions reaching all possible algebraic immunity-resiliency trade-offs (respecting the algebraic immunity and Siegenthaler bounds). We provide a new bound on the minimal number of variables n, and thus on the minimal locality, necessary to ensure a secure Goldreich’s pseudorandom generator. Our results come with a granularity level depending on the strength of our assumptions, from none to the conjectured asymptotic existence of optimal functions. (2) We extensively analyze the possible existence and the properties of such optimal functions. Our results show two different trends. On the one hand, we were able to show some impossibility results concerning existing families of Boolean functions that are known to be optimal with respect to their algebraic immunity, starting by the promising XOR-MAJ functions. We show that they do not reach optimality and could be beaten by optimal functions if our conjecture is verified. On the other hand, we prove the existence of optimal functions in low number of variables by experimentally exhibiting some of them up to 12 variables. This directly provides better candidates for Goldreich’s pseudorandom generator than the existing XOR-MAJ candidates for polynomial stretches from 2 to 6.
Similar content being viewed by others
Notes
we do not introduce the bit-fixing degree and focus on the AI for assessing linear and algebraic attacks. Indeed, the assumptions on the AI are capturing the assumptions on the bit-fixing degree (see [9, Sect. 1.2.2]). More precisely, for \(r\in \mathbb {N}\) an algebraic immunity \(\textsf{AI}(f)\) implies r-bit fixing degree of at least \(\textsf{AI}(f)-r\) for any \(r < \textsf{AI}(f)\).
In [9], the bound \(n_0\le k+2e\) is claimed to be reached by \({\textsf{XOR}}_{k} \textsf{MAJ}_{2e}\) but this is actually not enough for proving such a bound since its resiliency order is \(k-1\) instead of k.
When \(\textsf{AI}= 0\), \((\textsf{res}, \textsf{AI}) = (-1, 0)\) are accessed by the two constant functions, so we exclude it from the graphs as it is not relevant for the following study.
Despite the resiliency order is a major criterion, some of these constructions were also designed to target a high algebraic degree which forces a low resiliency order (see Theorem 2).
One can verify the resiliency order and algebraic immunity with the SageMath and the BooleanFunction package (https://doc.sagemath.org/html/en/reference/cryptography/sage/crypto/boolean_function.html).
References
Akavia A., Bogdanov A., Guo S., Kamath A., Rosen A.: Candidate weak pseudorandom functions in AC0 MOD2. In: ITCS. ITCS ’14 (2014)
Albrecht M. R., Rechberger C., Schneider T., Tiessen T., Zohner M.: Ciphers for MPC and FHE. In: EUROCRYPT 2015, Part I. LNCS. pp. 430–454 (2015).
Alekhnovich M., Hirsch E.A., Itsykson D.: Exponential lower bounds for the running time of DPLL algorithms on satisfiable formulas. J. Autom. Reason. 35(1–3), 51–72 (2005).
Ananth P., Jain A., Lin H., Matt C., Sahai A.: Indistinguishability obfuscation without multilinear maps: new paradigms via low degreeweak pseudorandomness and security amplification. In: CRYPTO. pp. 284–332 (2019).
Andrej B., Youming Q.: On the security of Goldreich’s one-way function. In: RANDOM. pp. 392–405 (2009)
Applebaum B.: Pseudorandom generators with long stretch and low locality from random local one-way functions. In: Karloff H.J., Pitassi T. (eds.) 44th ACM STOC, pp. 805–816. ACM Press, New York (2012).
Applebaum B.: Cryptographic hardness of random local functions-survey. In: Amit S. (ed.) TCC 2013. LNCS., vol. 7785. Springer, Heidelberg (2013).
Applebaum B.: The cryptographic hardness of random local functions-survey. In: IACR Cryptology ePrint Archive 2015, p. 165 (2015)
Applebaum B., Lovett S.: Algebraic attacks against random local functions and their countermeasures. In: Wichs D., Mansour Y. (eds.) 48th ACM STOC. ACM Press, New York (2016).
Applebaum B., Lovett S.: Algebraic attacks against random local functions and their countermeasures. SIAM J. Comput. 2016, 52–79 (2018).
Applebaum B., Ishai Y., Kushilevitz E.: On pseudorandom generators with linear stretch in NC 0. Comput. Complex. 17(1), 38–69 (2008).
Applebaum B., Bogdanov A., Rosen A.: A dichotomy for local small-bias generators. In: Cramer R. (ed.) Theory of Cryptography, pp. 600–617. Springer, Berlin (2012).
Applebaum B., Bogdanov A., Rosen A.: A dichotomy for local small-bias generators. J. Cryptol. 29(3), 577–596 (2016) ISSN: 0933-2790.
Armknecht F., Carlet C., Gaborit P., Künzli S., Meier W., Ruatta O.: Efficient computation of algebraic immunity for algebraic and fast algebraic attacks. In: Serge V. (ed.) EUROCRYPT 2006. LNCS, vol. 4004. Springer, Heidelberg (2006).
Bierbrauer J., Gopalakrishnan K., Stinson D.R.: Bounds for resilient functions and orthogonal arrays. In: Yvo D. (ed.) CRYPTO’94, pp. 247–256. LNCS. Springer, Heidelberg (1994).
Boneh D., Ishai Y., Passelègue A., Sahai A., Wu D.J.: Exploring crypto dark matter: new simple PRF candidates and their applications. In: TCC. pp. 699–729 (2018).
Boyle E., Couteau G., Gilboa N., Ishai Y., Orrú M.: Homomorphic Secret Sharing: Optimizations and Applications. In: ACM SIGSAC. New York. pp. 2105–2122 (2017)
Boyle E., Couteau G., Gilboa N., Ishai Y., Kohl L., Scholl P.: Correlated Pseudorandom Functions from Variable-Density LPN. In: FOCS. pp. 1069–1080 (2020)
Braeken A., Preneel B.: On the algebraic immunity of symmetric Boolean functions. In: INDOCRYPT. pp. 35–48 (2005)
Canteaut A., Carpov S., Fontaine C., Lepoint T., Naya-Plasencia M., Paillier P., Sirdey R.: Stream ciphers: a practical solution for efficient homomorphic-ciphertext compression. In: Thomas P. (ed.) FSE 2016, vol. 9783. LNCS, Heidelberg (2018).
Carlet C.: A method of construction of balanced functions with optimum algebraic immunity. In: International Workshop on Coding and Cryptography (2007)
Carlet C.: Boolean Functions for Cryptography and Coding Theory. Cambridge University Press, Cambridge (2021).
Carlet C., Feng K.: An infinite class of balanced functions with optimal algebraic immunity, good immunity to fast algebraic attacks and good nonlinearity. In: Josef P. (ed.) ASIACRYPT 2008, vol. 5350, pp. 425–440. LNCS. Springer, Heidelberg (2008).
Carlet C., Gaborit P.: On the construction of Boolean functions with a good algebraic immunity. In: Boolean Functions: Cryptography and Applications. pp. 1101–1105 (2005)
Carlet C., Méaux P.: Boolean functions for homomorphic-friendly stream ciphers. In: Gueye C.T., Persichetti E., Cayrel P.-L., Buchmann J. (eds.) Algebra, Codes and Cryptology, pp. 166–182. Springer, Cham (2019).
Carlet C., Méaux P.: A complete study of two classes of Boolean functions for homomorphic-friendly stream ciphers. In: IACR Cryptol. ePrint Arch. 2020, p. 1562 (2020)
Carlet C., Mesnager S.: On the supports of the Walsh transforms of Boolean functions. Cryptology ePrint Archive, Report 2004/256 (2004)
Carlet C., Méaux P.: A complete study of two classes of Boolean functions: direct sums of monomials and threshold functions. IEEE Trans. Inf. Theory 68(5), 3404–3425 (2022). https://doi.org/10.1109/TIT.2021.3139804.
Carlet C., Dalai D.K., Gupta K.C., Maitra S.: Algebraic immunity for cryptographically significant boolean functions: analysis and construction. IEEE 52(7), 3105–3121 (2006).
Carlet C., Zeng X., Li C., Lei H.: Further properties of several classes of Boolean functions with optimum algebraic immunity. DCC 52, 303–338 (2009).
Chen Y.D., Zhang Y.N., Tian W.: Construction of even-variable rotation symmetric Boolean functions with optimal algebraic immunity. J. Cryptol. Res. 1(5), 437 (2014).
Chen Y., Guo F., Ruan J.: Constructing odd-variable RSBFs with optimal algebraic immunity, good nonlinearity and good behavior against fast algebraic attacks. Discret. Appl. Math. 262, 1–12 (2019).
Chen Y., Lin L., Liao L., Ruan J., Guo F., Cai W.: Constructing higher nonlinear odd-variable RSBFs with optimal AI and almost optimal FAI. IEEE Access 7, 133335–133341 (2019).
Chen H., Ding C., Mesnager S., Tang C.: A novel application of Boolean functions with high algebraic immunity in minimal codes. In: CoRR arXiv:2004.04932 (2020)
Chor B., Goldreich O., Hasted J., Freidmann J., Rudich S., Smolensky R.: The bit extraction problem or t-resilient functions. In: FOCS. pp. 396–407 (1985)
Cohen G.: Covering Codes. International Congress Series. Elsevier, Amsterdam (1997).
Cook J., Etesami O., Miller R., Trevisan L.: On the one-way function candidate proposed by Goldreich. ACM Trans. Comput. Theory 6(3), 14 (2014).
Courtois N., Meier W.: Algebraic attacks on stream ciphers with linear feedback. In: Eli B. (ed.) EUROCRYPT 2003, vol. 2656. LNCS. Springer, Heidelberg (2003).
Couteau G., Dupin A., Méaux P., Rossi M., Rotella Y.: On the Concrete Security of Goldreich’s Pseudorandom Generator. In: ASIACRYPT (2018)
Cryan M., Miltersen P.B.: On pseudorandom generators in NC 0. In: International Symposium on Mathematical Foundations of Computer Science (2001)
Cusick T., Stănică P.: Fast evaluation, weights and nonlinearity of rotation-symmetric functions. In: Discrete Mathematics 258 (2000)
Dalai D.K., Maitra S.: Results on Rotation Symmetric Bent Functions. Cryptology ePrint Archive, Report 2005/118 (2005)
Dalai D.K., Gupta K.C., Maitra S.: Results on Algebraic Immunity for Cryptographically Significant Boolean Functions. In: INDOCRYPT. LNCS. pp. 92–106 (2004)
Dalai D., Gupta K., Maitra S.: Cryptographically Significant Boolean Functions: Construction and Analysis in Terms of Algebraic Immunity. In: FSE 2005. LNCS. pp. 98–111 (2005)
Dalai D.K., Maitra S., Sarkar S.: Basic Theory in Construction of Boolean Functions with Maximum Possible Annihilator Immunity. In: DCC (2006)
Daniely A., Vardi G.: From Local Pseudorandom Generators to Hardness of Learning. In: CoRR arXiv:2101.08303 (2021)
Didier F.: Codes de Reed-Muller et cryptanalyse du registre filtré. PhD thesis. École Polytechnique, Palaiseau, France (2007)
Didier F., Tillich J.-P.: Computing the Algebraic Immunity Efficiently. In: Robshaw Matthew J.B. (ed.) FSE 2006, vol. 4047, pp. 359–374. LNCS. Springer, Heidelberg (2006).
Fu S., Li C., Matsuura K., Qu L.: Construction of rotation symmetric Boolean functions with maximum algebraic immunity. In: Garay J.A., Miyaji A., Otsuka A. (eds.) CANS 09, vol. 5888, pp. 402–412. LNCS. Springer, Heidelberg (2009).
Fu S., Qu L., Li C., Sun B.: Balanced rotation symmetric Boolean functions with maximum algebraic immunity. Secur. Inform. 5, 93–99 (2011).
Gay R., Jain A., Lin H., Sahai A.: Indistinguishability obfuscation from simple-to-state hard problems: new assumptions, new techniques, and simplification. In: IACR Cryptol. ePrint Arch. 2020 (2020)
Goldreich O.: Candidate one-way functions based on expander graphs. Electr. Colloquium Comput. Complex. (ECCC) 7(90), 1–12 (2000).
Grassi L., Rechberger C., Rotaru D., Scholl P., Smart N.P.: MPC-Friendly Symmetric Key Primitives. In: Weippl E.R., Katzenbeisser S., Kruegel C., Myers A.C., Halevi S. (eds.) ACM SIGSAC CCS. (2016)
Ishai Y., Kushilevitz E., Ostrovsky R., Sahai A.: Cryptography with constant computational overhead. In: 40th ACM STOC. ACM Press, pp. 433–442 (2008)
Jain A., Lin H., Matt C., Sahai A.: How to leverage hardness of constant-degree expanding polynomials over R to build iO. In: Ishai Y., Rijmen V. (eds.) EUROCRYPT. Vol. 11476. Lecture Notes in Computer Science. pp. 251–281 (2019)
Jain A., Lin H., Sahai A.: Simplifying Constructions and Assumptions for iO. In: IACR Cryptol. ePrint Arch. 2019, p. 1252 (2019)
Jin Q., Liu Z., Wu B., Zhang X.: A general conjecture similar to T-D conjecture and its applications in constructing Boolean functions with optimal algebraic immunity. Cryptology ePrint Archive, Report 2011/515. (2011)
Jin Q., Liu Z., Wu B.: 1-Resilient Boolean Function with Optimal Algebraic Immunity. Cryptology ePrint Archive, Report 2011/549 (2011)
Kavut S., Maitra S., Sarkar S., Yücel M.D.: Enumeration of 9-Variable Rotation Symmetric Boolean Functions Having Nonlinearity \(> 240\). In: INDOCRYPT, pp. 266–279 (2006)
Li N., Qi W.-F.: Construction and analysis of Boolean functions of 2t+1 variables with maximum algebraic immunity. In: Lai X., Chen K. (eds.) ASIACRYPT 2006. vol. 4284, pp. 84–98. LNCS (2006)
Li N., Qu L., Qi W., Feng G., Li C., Xie D.: On the construction of Boolean functions with optimal algebraic immunity. IEEE Trans. Inf. Theory 54(3), 1330–1334 (2008).
Li J., Carlet C., Zeng X., Hu L., Shan J.: Two constructions of balanced Boolean functions with optimal algebraic immunity, high nonlinearity and good behavior against fast algebraic attacks. Des. Codes Cryptogr. 76, 279–305 (2014).
Limniotis K., Kolokotronis N.: Boolean functions with maximum algebraic immunity: further extensions of the Carlet-Feng construction. DCC 86, 1685–1706 (2018).
Limniotis K., Kolokotronis N., Kalouptsidis N.: Secondary constructions of Boolean functions with maximum algebraic immunity. In: Cryptography and Communications 5 (2013)
Liu M., Lin D.: Almost perfect algebraic immune functions with good nonlinearity. In: 2014 IEEE International Symposium on Information Theory, pp. 1837–1841 (2014)
Liu M., Lin D.: Results on highly nonlinear Boolean functions with provably good immunity to fast algebraic attacks. Inf. Sci. 421, 181–203 (2017).
Lombardi A., Vaikuntanathan V.: Limits on the Locality of Pseudorandom Generators and Applications to Indistinguishability Obfuscation. In: TCC, pp. 119–137 (2017)
McLaughlin J., Clark J.A.: Evolving balanced Boolean functions with optimal resistance to algebraic and fast algebraic attacks, maximal algebraic degree, and very high nonlinearity. Cryptology ePrint Archive, Report 2013/011 (2013)
Méaux P., Journault A.F., Carlet C.: Towards Stream Ciphers for Efficient FHE with Low-Noise Ciphertexts. In: EUROCRYPT, pp. 311–343 (2016)
Méaux P., Carlet C., Journault A., Standaert F.: Improved Filter Permutators for Efficient FHE: Better Instances and Implementations. In: Hao F., Ruj S., Gupta S.S. (eds.) INDOCRYPT. vol. 11898, pp. 68–91. LNCS (2019)
Méaux P., Carlet C., Journault A., Standaert F.-X.: Improved Filter Permutators: Combining Symmetric Encryption Design, Boolean Functions, Low Complexity Cryptography, and Homomorphic Encryption, for Private Delegation of Computations. Cryptology ePrint Archive, Report 2019/483 (2019)
Meier W., Pasalic E., Carlet C.: Algebraic attacks and decomposition of Boolean functions. In: Cachin C., Camenisch J. (eds.) Advances in Cryptology-EUROCRYPT, vol. 3027, pp. 474–491. Lecture Notes in Computer Science. Springer, Berlin (2004).
Mesnager S., Sihong S., Zhang H.: A construction method of balanced rotation symmetric Boolean functions on arbitrary even number of variables with optimal algebraic immunity. Des. Codes Cryptogr. 89(1), 1–17 (2021).
Mossel E., Shpilka A., Trevisan L.: On e-Biased Generators in NC0. In: 44th FOCS, pp. 136–145. IEEE Computer Society Press (2003)
ODonnell R., Witmer D.: Goldreich’s PRG: evidence for near-optimal polynomial stretch. In: Conference on Computational Complexity (CCC), pp. 1–12. IEEE (2014)
Pan S.-S., Xiao-Tong F., Zhang W.-G.: Construction of 1resilient Boolean functions with optimal algebraic immunity and good nonlinearity. JCST 26, 269–275 (2011).
Pasalic E.: Almost Fully Optimized Infinite Classes of Boolean Functions Resistant to (Fast) Algebraic Cryptanalysis. In: Lee P.J., Cheon J.H. (eds.) ICISC 08, vol. 5461, pp. 399–414. LNCS. Springer, Heidelberg (2009).
Pieprzyk J., Qu C.X.: Rotation-symmetric functions and fast hashing. In: Boyd C., Dawson E. (eds.) Information Security and Privacy, pp. 169–180. Springer, Berlin (1998).
Rizomiliotis P.: On the resistance of Boolean functions against algebraic attacks using univariate polynomial representation. IEEE Trans. Inf. Theory 56(8), 4014–4024 (2010).
Sarkar S., Maitra S.: Construction of Rotation Symmetric Boolean Functions with Maximum Algebraic Immunity on Odd Number of Variables. Cryptology ePrint Archive, Report 2007/290 (2007)
Siegenthaler T.: Correlation-immunity of nonlinear combining functions for cryptographic applications. IEEE IT 30(5), 776–780 (1984).
Song S., Zhang J., Du J., Wen Q.: On the construction of Boolean functions with optimal algebraic immunity and good other properties by concatenation. In: 2010 IEEE International Conference on Progress in Informatics and Computing. vol. 1, pp. 417–422 (2010)
Stanica P., Maitra S., Clark J.A.: Results on rotation symmetric bent and correlation immune Boolean functions. In: Roy B.K., Meier W. (eds.) FSE 2004, vol. 3017, pp. 161–177. LNCS, Heidelberg (2004).
Su S., Tang X.: Construction of rotation symmetric Boolean functions with optimal algebraic immunity and high nonlinearity. Des. Codes Cryptogr. 71, 183–199 (2014).
Tang X., Tang D., Zeng X., Hu .Balanced Boolean Functions with (Almost) Optimal Algebraic Immunity and Very High Nonlinearity. Cryptology ePrint Archive, Report 2010/443 (2010)
Tang D., Carlet C., Tang X.: Highly nonlinear Boolean functions with optimal algebraic immunity and good behavior against fast algebraic attacks. IEEE Trans. Inf. Theory 59(1), 653–664 (2013).
Tang D., Carlet C., Tang X.: A class of 1-resilient Boolean functions with optimal algebraic immunity and good behavior against fast algebraic attacks. Int. J. Found. Comput. Sci. 25, 763–780 (2014).
Tang D., Carlet C., Tang X., Zhou Z.: Construction of highly nonlinear 1-resilient Boolean functions with optimal algebraic immunity and provably high fast algebraic immunity. IEEE Trans. Inf. Theory 63, 6113–6125 (2017).
Tarannikov Y.: On Resilient Boolean Functions with Maximal Possible Nonlinearity. In: Roy B.K., Okamoto E. (eds.) INDOCRYPT 2000, vol. 1977, pp. 19–30. LNCS. Springer, Heidelberg (2000).
Wang T., Liu M., Lin D.: Construction of resilient and nonlinear Boolean functions with almost perfect immunity to algebraic and fast algebraic attacks. In: International Conference on Information Security and Cryptology (2013)
Wu B., Zheng J., Lin D.: Constructing Boolean functions with (potentially) optimal algebraic immunity based on multiplicative decompositions of finite fields. In: ISIT, pp. 491–495 (2015)
Yang J., Guo Q., Johansson T., Lentmaier M.: Revisiting the concrete security of Goldreich’s pseudorandom generator. IEEE Trans. Inf. Theory 68(2), 1329–1354 (2022). https://doi.org/10.1109/TIT.2021.3128315.
Zeng X., Carlet C., Shan J., Hu L.: More balanced Boolean functions with optimal algebraic immunity and good nonlinearity and resistance to fast algebraic attacks. IEEE Trans. Inf. Theory 57(9), 6310–6320 (2011).
Zhang H., Su S.: A new construction of rotation symmetric Boolean functions with optimal algebraic immunity and higher nonlinearity. Discret. Appl. Math. 262, 13–28 (2019).
Zhang P., Dong D., Shaojing F., Li C.: New constructions of evenvariable rotation symmetric Boolean functions with maximum algebraic immunity. Math. Comput. Model. 55(3), 828–836 (2012).
Zheng J., Baofeng W., Chen Y.-F., Liu Z.: Constructing 2m-variable Boolean functions with optimal algebraic immunity based on polar decomposition of F22m. Int. J. Found. Comput. Sci. 25, 537–551 (2014).
Ziran T., Deng Y.: A conjecture about binary strings and its applications on constructing Boolean functions with optimal algebraic immunity. DCC 60, 1–14 (2011).
Ziran T., Deng Y.: Boolean functions optimizing most of the cryptographic criteria. Discret. Appl. Math. 160, 427–435 (2012).
Author information
Authors and Affiliations
Corresponding author
Additional information
Communicated by M. Eichlseder.
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Supplementary Information
Below is the link to the electronic supplementary material.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Dupin, A., Méaux, P. & Rossi, M. On the algebraic immunity—resiliency trade-off, implications for Goldreich’s pseudorandom generator. Des. Codes Cryptogr. 91, 3035–3079 (2023). https://doi.org/10.1007/s10623-023-01220-w
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10623-023-01220-w