Abstract
Substitution boxes (S-boxes) are important components of block ciphers that provide confusion in cryptosystems. The functions used as S-boxes should have low differential uniformity, high nonlinearity and high algebraic degree. When \(k>3\), it is not known whether almost perfect nonlinear permutations, which offer optimal resistance to differential cryptanalysis, exist over \(\mathbb{F}_{2^{2k}}\), so S-boxes are often constructed from differentially 4-uniform permutations. To date, many infinite families of such functions have been constructed. In addition, a low hardware implementation cost of S-boxes is an important criterion in the design of block ciphers. If the S-box is an involution, meaning that the permutation is its own compositional inverse, then the implementation cost of its inverse is saved: the same hardware circuit can be used for both encryption and decryption, which is an advantage in hardware implementation. In this paper, we investigate all of the differentially 4-uniform permutations that are known in the literature and determine whether they can be involutory. We find that some involutory differentially 4-uniform permutations with high nonlinearity and algebraic degree can be obtained from these known constructions. We also give some partial results and computer experiments on the problem of whether a permutation can be affine equivalent to an involution, or becomes an involution upon adding an affine function. Some new families of differentially 4-uniform involutions, constructed by composing the inverse function with cycles of length 3, are also given. These constructions have high nonlinearity and maximum algebraic degree.
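To make the criteria named in the abstract concrete, the following added example (not code from the paper) measures differential uniformity, nonlinearity and the involution property of the inverse function \(x \mapsto x^{2^n-2}\), on which the abstract's new constructions build. The reduction polynomials and all function names are choices made for this illustration.

```python
# Added example; the reduction polynomials are choices made for this illustration.
MODULI = {4: 0b10011, 5: 0b100101, 6: 0b1000011}  # x^4+x+1, x^5+x^2+1, x^6+x+1

def gf_mul(a, b, n):
    """Multiply in GF(2^n) by shift-and-add, reducing modulo MODULI[n]."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a >> n:
            a ^= MODULI[n]
    return r

def inverse_sbox(n):
    """Lookup table of field inversion over GF(2^n), with 0 mapped to 0."""
    return [next((y for y in range(1 << n) if gf_mul(x, y, n) == 1), 0)
            for x in range(1 << n)]

def differential_uniformity(s):
    """max over a != 0 and b of #{x : S(x ^ a) ^ S(x) == b}."""
    best = 0
    for a in range(1, len(s)):
        row = [0] * len(s)
        for x in range(len(s)):
            row[s[x ^ a] ^ s[x]] += 1
        best = max(best, max(row))
    return best

def nonlinearity(s):
    """(2^n - max |W(a, b)|) / 2 over all a and all b != 0 (Walsh transform)."""
    size, worst = len(s), 0
    for b in range(1, size):
        for a in range(size):
            w = sum(1 - 2 * (bin((a & x) ^ (b & s[x])).count("1") & 1)
                    for x in range(size))
            worst = max(worst, abs(w))
    return (size - worst) // 2

def profile(n):
    """(differential uniformity, nonlinearity, is involution) of inversion."""
    s = inverse_sbox(n)
    return (differential_uniformity(s), nonlinearity(s),
            all(s[s[x]] == x for x in range(len(s))))

if __name__ == "__main__":
    for n in sorted(MODULI):
        print(n, profile(n))
```

For even \(n\) the inverse function is a differentially 4-uniform involution, while for odd \(n\) its differential uniformity drops to 2, which is the almost perfect nonlinear case the abstract refers to.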
Acknowledgements
The authors would like to thank the anonymous reviewers and editors for their comments and suggestions, which significantly improved the quality and presentation of this paper. This work was supported by the National Natural Science Foundation of China (No. 61572491 and 11688101), the National Key Research and Development Program of China (No. 2016YFB0800401), and Science and Technology on Communication Security Laboratory (No. 6142103010701).
Additional information
Communicated by C. Carlet.
About this article
Cite this article
Fu, S., Feng, X. Involutory differentially 4-uniform permutations from known constructions. Des. Codes Cryptogr. 87, 31–56 (2019). https://doi.org/10.1007/s10623-018-0482-5
DOI: https://doi.org/10.1007/s10623-018-0482-5