Cryptanalysis of a Theorem: Decomposing the Only Known Solution to the Big APN Problem

PERRIN, Léo Paul; UDOVENKO, Aleksei; BIRYUKOV, Alex

doi:10.1007/978-3-662-53008-5_4

Download

Paper published in a book (Scientific congresses, symposiums and conference proceedings)

Cryptanalysis of a Theorem: Decomposing the Only Known Solution to the Big APN Problem

PERRIN, Léo Paul; UDOVENKO, Aleksei; BIRYUKOV, Alex

2016 • In Robshaw, Matthew; Katz, Jonathan (Eds.) Advances in Cryptology – CRYPTO 2016

Peer reviewed

Permalink
https://hdl.handle.net/10993/28414

DOI
10.1007/978-3-662-53008-5_4

Files (1)Send to Details Statistics Bibliography Similar publications

Files

Full Text

539(1).pdf

Author postprint (695.45 kB)

Download

All documents in ORBilu are protected by a user license.

Send to

RIS BibTex APA Chicago Permalink X Linkedin

Details

Keywords :

Boolean functions; Bitsliced implementation; Feistel Network; CCZ-equivalence; S-Box decomposition; Butterfly structure; APN

Abstract :

[en] The existence of Almost Perfect Non-linear (APN) permutations operating on an even number of bits has been a long standing open question until Dillon et al., who work for the NSA, provided an example on 6 bits in 2009. In this paper, we apply methods intended to reverse-engineer S-Boxes with unknown structure to this permutation and find a simple decomposition relying on the cube function over GF(2^3) . More precisely, we show that it is a particular case of a permutation structure we introduce, the butterfly. Such butterflies are 2n-bit mappings with two CCZ-equivalent representations: one is a quadratic non-bijective function and one is a degree n+1 permutation. We show that these structures always have differential uniformity at most 4 when n is odd. A particular case of this structure is actually a 3-round Feistel Network with similar differential and linear properties. These functions also share an excellent non-linearity for n=3,5,7. Furthermore, we deduce a bitsliced implementation and significantly reduce the hardware cost of a 6-bit APN permutation using this decomposition, thus simplifying the use of such a permutation as building block for a cryptographic primitive.

Disciplines :

Computer science

Author, co-author :

PERRIN, Léo Paul ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

UDOVENKO, Aleksei ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

BIRYUKOV, Alex ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)

External co-authors :

Language :

English

Title :

Cryptanalysis of a Theorem: Decomposing the Only Known Solution to the Big APN Problem

Publication date :

21 July 2016

Event name :

36th Annual International Cryptology Conference

Event organizer :

nternational Association for Cryptologic Research

Event place :

Santa Barbara, United States - California

Event date :

August 14-18, 2016

Audience :

International

Main work title :

Advances in Cryptology – CRYPTO 2016

Editor :

Robshaw, Matthew

Katz, Jonathan

Publisher :

Springer Berlin Heidelberg, Berlin, Germany

ISBN/EAN :

978-3-662-53007-8

Pages :

93-122

Peer reviewed :

Peer reviewed

Focus Area :

Computational Sciences

Additional URL :

http://eprint.iacr.org/2016/539

FnR Project :

FNR4009992 - Applied Cryptography For The Internet Of Things, 2012 (01/07/2013-30/06/2016) - Alex Biryukov

Funders :

FNR - Fonds National de la Recherche

Available on ORBilu :

since 19 September 2016

Statistics

Number of views

270 (15 by Unilu)

Number of downloads

394 (10 by Unilu)

More statistics

Scopus citations^®

Scopus citations^®
without self-citations

OpenCitations

OpenAlex citations

WoS citations^™