Abstract
The choice of functions \(S: \mathbb{F}_2^n\mapsto \mathbb{F}_2^m\) to be used as substitution boxes (S-boxes), fast to implement and contributing to resistance against attacks, is a crucial question in the design of block ciphers. We summarize the state of the art in this domain, considering also the case m < n, which has been less studied. We also recall the method for protecting block ciphers against side channel attacks (SCA) by masking, and how the S-boxes can be processed in order to ensure this protection. We state a related open problem, also interesting in its own right. Finally, we see how Boolean functions, vectorial functions and error correcting codes can be used in different ways for reducing the cost of masking while keeping the same resistance to some SCA, and also for resisting fault injection attacks (FIA).
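The abstract names three things a practitioner can see concretely in code: the S-box criteria that decide resistance to differential and linear cryptanalysis, the less-studied case m < n, and first-order masking of the S-box computation. The following Python block is an added example, not code from the chapter or its author. It computes differential uniformity and nonlinearity by brute force for the 4-bit PRESENT S-box (values from Bogdanov et al., CHES 2007) and for a constructed (4,3)-function obtained by truncating it, and it verifies the generic table-recomputation form of first-order Boolean masking. The truncated box, the function names and the mask values are constructed for this example; the masking method shown is the classic table recomputation, not necessarily the S-box processing the chapter describes.

```python
# Added example (not from the chapter): S-box criteria computed by brute
# force for a small (n,m)-function, plus first-order Boolean masking of a
# table lookup by table recomputation. All helper names are our own.

# The 4-bit PRESENT S-box (Bogdanov et al., CHES 2007), an (n,n)-function, n = 4.
PRESENT_SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
                0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]

# Constructed (4,3)-function for the m < n case: keep only the 3 low output bits.
TRUNCATED_SBOX = [y & 0x7 for y in PRESENT_SBOX]


def parity(v):
    """Parity of the Hamming weight of an integer (inner product over F_2)."""
    return bin(v).count("1") & 1


def differential_uniformity(sbox, n):
    """delta(S) = max over a != 0 and all b of #{x : S(x) ^ S(x ^ a) = b}.

    Smaller delta means better resistance to differential cryptanalysis;
    delta = 2 is the APN case.
    """
    worst = 0
    for a in range(1, 1 << n):
        counts = {}
        for x in range(1 << n):
            b = sbox[x] ^ sbox[x ^ a]
            counts[b] = counts.get(b, 0) + 1
        worst = max(worst, max(counts.values()))
    return worst


def nonlinearity(sbox, n, m):
    """NL(S) = 2^(n-1) - (1/2) * max |W_S(u, v)| over u in F_2^n, v != 0 in F_2^m,
    with W_S(u, v) = sum_x (-1)^(v.S(x) + u.x) the Walsh transform.

    Larger NL means better resistance to linear cryptanalysis.
    """
    max_walsh = 0
    for v in range(1, 1 << m):
        for u in range(1 << n):
            # parity(a ^ b) == parity(a) ^ parity(b), so this is v.S(x) + u.x mod 2
            w = sum(1 - 2 * parity((v & sbox[x]) ^ (u & x)) for x in range(1 << n))
            max_walsh = max(max_walsh, abs(w))
    return (1 << (n - 1)) - max_walsh // 2


def recompute_masked_table(sbox, n, r_in, r_out):
    """First-order Boolean masking by table recomputation:
    T'(y) = S(y ^ r_in) ^ r_out, hence T'(x ^ r_in) = S(x) ^ r_out.
    The unmasked x is never formed; only the shares are handled."""
    return [sbox[y ^ r_in] ^ r_out for y in range(1 << n)]


def masked_sbox_lookup(sbox, n, x_masked, r_in, r_out):
    """Evaluate S on the share pair (x_masked = x ^ r_in, r_in) and return
    the masked output S(x) ^ r_out."""
    table = recompute_masked_table(sbox, n, r_in, r_out)
    return table[x_masked]


def check_masking(sbox, n):
    """Exhaustively verify that unmasking the masked output gives S(x) for
    every input x and every pair of (constructed) mask values."""
    size = 1 << n
    for x in range(size):
        for r_in in range(size):
            for r_out in range(size):
                y_masked = masked_sbox_lookup(sbox, n, x ^ r_in, r_in, r_out)
                if y_masked ^ r_out != sbox[x]:
                    return False
    return True


if __name__ == "__main__":
    print("PRESENT (4,4): delta =", differential_uniformity(PRESENT_SBOX, 4),
          "NL =", nonlinearity(PRESENT_SBOX, 4, 4))
    print("Truncated (4,3): delta =", differential_uniformity(TRUNCATED_SBOX, 4),
          "NL =", nonlinearity(TRUNCATED_SBOX, 4, 3))
    print("Masked lookup consistent:", check_masking(PRESENT_SBOX, 4))
```

Run as a script, the block reports delta = 4 and NL = 4 for PRESENT, the best values a 4-bit permutation can reach, while the truncated (4,3)-function has delta = 6: dropping output bits of a good permutation does not by itself produce a good (n, n-1)-function, which is one reason the m < n case needs its own constructions. The masking check passes for every input and mask pair; the point of the recomputed table is that the lookup index and the stored values are both masked, so a first-order leakage of either reveals nothing about x or S(x).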
© 2015 Springer International Publishing Switzerland
Cite this paper
Carlet, C. (2015). S-boxes, Boolean Functions and Codes for the Resistance of Block Ciphers to Cryptographic Attacks, with or without Side Channels. In: Chakraborty, R., Schwabe, P., Solworth, J. (eds) Security, Privacy, and Applied Cryptography Engineering. SPACE 2015. Lecture Notes in Computer Science(), vol 9354. Springer, Cham. https://doi.org/10.1007/978-3-319-24126-5_10
DOI: https://doi.org/10.1007/978-3-319-24126-5_10
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-24125-8
Online ISBN: 978-3-319-24126-5