一类4-差分置换的构造

为了抵抗已知的攻击,用于分组密码S-盒中的多输出布尔函数应具有较好的差分性质,较高的非线性度和较高的代数次数等密码学性质.在某些分组密码中,还要求这些多输出布尔函数是有限域F_(2~n)上的置换,这里n为偶数.文章将F_(2~n)分为两个子集,通过在这两个子集上分别定义不同置换的方法构造了一类4-差分置换,证明了这类置换具有最优的代数次数,且含有高非线性度的子类.进一步地,通过实例对该函数类与12类4-差分置换进行了CCZ不等价性分析.     

特征为2的有限域上的一类差分4一致函数

有限域上的低差分一致性函数在密码学中有着重要的应用背景.目前人们发现的特征为2的有限域上的差分4一致函数并不是很多.通过交换定义在有限域F_2~n上的Kasami几乎完全非线性函数x~(2~(2k)—2~k+1)任意两点之间的取值,给出了一类新的差分4一致函数;并在n为奇数的情况下,证明了所给出的这类函数是具有较高非线性度和代数次数的置换函数.     

特征为2的有限域上的一类差分4一致函数北大核心CSCD

有限域上的低差分一致性函数在密码学中有着重要的应用背景.目前人们发现的特征为2的有限域上的差分4一致函数并不是很多.通过交换定义在有限域F_2~n上的Kasami几乎完全非线性函数x^(2^(2k)—2~k+1)任意两点之间的取值,给出了一类新的差分4一致函数;并在n为奇数的情况下,证明了所给出的这类函数是具有较高非线性度和代数次数的置换函数.     

F2^n上4次正形置换多项式的形式与计数

分组峦码是现代密码学中一个重要的研究分支，而置换理论在分组密码中有重要的地位．199j年，美国Tcledyne电子技术公司的Lothrop Mittenthal博士提出了一种置换，即正形置换．止形置换是一类完全映射，完全映射是由Mann在1942年研究正交拉丁方的构造时引入的，其具有良好的密码学性质（良好的扩散性和完令平衡性），因此，正形置换常用来构造密码系统的算法，研究正形置换也就非常订必要．本文根据文章[1]的方法讨论了F2^n（n=4，5）上的4次正形置换多项式的形式与计数，至于n〉5的情形我们将在以后的篇章中继续讨论．     

递归构造多个具有最优代数免疫度的平衡布尔函数

代数免疫度是针对代数攻击而提出来的一个新的密码学概念.要能够有效地抵抗代数攻击,密码系统中使用的布尔函数必须具有平衡性、较高的代数次数、较高的非线性度和较高的代数免疫度等.为了提高布尔函数的密码学性能,通过布尔函数仿射等价的方法,找出了所有具有最优代数免疫度的三变元布尔函数.由这些具有最优代数免疫度的三变元非线性布尔函数,递归构造了一类代数免疫度最优、代数次数较高的平衡布尔函数.给出了这类布尔函数非线性度的一个下界,偶数变元时,其下界严格大于Lobanov给出的下界.     

关于二元四次样条插值与逼近

文［１］中讨论了上的插值问题，其中的插值函数表达式用到被插值函数的二阶导数．本文进一步研究空间上的一类新的二元样条插值形式，其中仅用到插值函数的一阶导数．证明了该插值形式的唯一性与存在性，且不需要解高维的线性方程组．最后给出了逼近度问题．     

一类4次旋转对称布尔函数的汉明重量和非线性度

旋转对称布尔函数在密码学中具有重要的应用价值.本文研究了一类特殊4次的旋转对称布尔函数的快速求值及其汉明重量的递归关系,通过将该函数分解成数个子函数,并利用这些函数的傅里叶变换值的递归关系,证明了其汉明重量与非线性度相等.本文的结果和处理指数和的方法对于进一步研究Cusick的一个猜想可能有帮助.     

F_2~n上4次正形置换多项式的形式与计数

分组密码是现代密码学中一个重要的研究分支,而置换理论在分组密码中有重要的地位.1995年,美国Teledyne电子技术公司的Lothrop Mittenthal博士提出了一种置换,即正形置换.正形置换是一类完全映射,完全映射是由Mann在1942年研究正交拉丁方的构造时引入的,其具有良好的密码学性质(良好的扩散性和完全平衡性),因此,正形置换常用来构造密码系统的算法,研究正形置换也就非常有必要.本文根据文章[1]的方法讨论了F2n(n=4,5)上的4次正形置换多项式的形式与计数,至于n5的情形我们将在以后的篇章中继续讨论.     

GF(2~(2m))上一个具有轻量硬件实现和已知最优密码学性质的完全置换（英文）

完全置换是在密码算法的设计中广泛适用的特殊置换.在密码应用中,常常要求置换具有低的差分均匀度和高的非线性度,以抵抗差分和线性攻击.在轻量密码算法的应用中,一个置换应当具有低的硬件实现代价.本文在偶数域GF(2~(2m))(m为奇数)上给出了一个差分均匀度为4,具有最高非线性度且具有轻量实现代价的完全置换.该置换从域的一个2次子域GF(2~m)的一个置换函数构造而来,这意味该置换具有低的硬件实现代价.     

Bergman－Weil积分公式的拓广

本文把Ｃｎ空间中著名的Ｂｅｒｇｍａｎ－Ｗｅｉｌ公式拓广到一类具有低维解析待征流形的微分多面体域上，从而获得在一类非解析的多面体域上建立具有全纯核的全纯函数的积分表示式．     

Construction of balanced Boolean functions with high nonlinearity and good autocorrelation properties

Boolean functions with high nonlinearity and good autocorrelation properties play an important role in the design of block ciphers and stream ciphers. In this paper, we give a method to construct balanced Boolean functions of n variables, where n ≥ 10 is an even integer, satisfying strict avalanche criterion (SAC), and with high algebraic degree. Compared with the known balanced Boolean functions with SAC property, the constructed functions possess the highest nonlinearity and the best global avalanche characteristics property.     

Vectorial Resilient PC（l） of Order k Boolean Functions from AG-Codes

Propagation criteria and resiliency of vectorial Boolean functions are important for cryptographic purpose (see [1–4, 7, 8, 10, 11, 16]). Kurosawa, Stoh [8] and Carlet [1] gave a construction of Boolean functions satisfying PC(l) of order k from binary linear or nonlinear codes. In this paper, the algebraic-geometric codes over GF(2m) are used to modify the Carlet and Kurosawa-Satoh’s construction for giving vectorial resilient Boolean functions satisfying PC(l) of order k criterion. This new construction is compared with previously known results.     

Classification of 9-dimensional trilinear alternating forms over GF(2)

Let V be a finite-dimensional vector space over a finite field and let f be a trilinear alternating form over V. For such forms, we introduce two new invariants. Together with a generalized radical polynomial used for classification of forms in dimension 8 over GF(2), they are sufficient to distinguish between all trilinear alternating forms in dimension 9 over GF(2). To prove the completeness of the list of forms, we computed their groups of automorphisms. There are 31 degenerate and 317 nondegenerate forms. We point out some forms with either small or large automorphism group.     

A note on APN permutations in even dimension

APN permutations in even dimension are vectorial Boolean functions that play a special role in the design of block ciphers. We study their properties, providing some general results and some applications to the low-dimension cases. In particular, we prove that none of their components can be quadratic. For an APN vectorial Boolean function (in even dimension) with all cubic components we prove the existence of a component having a large number of balanced derivatives. Using these restrictions, we obtain the first theoretical proof of the non-existence of APN permutations in dimension 4. Moreover, we derive some constraints on APN permutations in dimension 6.     

Concatenating Indicators of Flats for Designing Cryptographic Functions

Boolean functions with good cryptographic characteristics are needed for the design of robust pseudo-random generators for stream ciphers and of S-boxes for block ciphers. Very few general constructions of such cryptographic Boolean functions are known. The main ones correspond to concatenating affine or quadratic functions. We introduce a general construction corresponding to the concatenation of indicators of flats. We show that the functions it permits to design can present very good cryptographic characteristics.     

The autocorrelation properties of single cycle polynomial T-functions

T-functions have been widely used in the design of symmetric ciphers, hash functions, and fast cryptographic primitives. Single cycle polynomial T-functions are a special category. If they are used as state transition functions of stream ciphers, the security of the generated sequences is crucial. In 2008, Kolokotronis proposed a conjecture regarding the autocorrelation function’s values of coordinate sequences generated by single cycle polynomial T-functions. In this paper, we show that the conjecture does not hold in general and prove the conditions under which it holds.     

Cryptanalysis of Rijndael S-box and improvement

By the discovered correlation between linear functions over GF(qⁿ) and matrices over GF(q), a new scheme is presented to resolve the algebraic expression of Rijndael S-box in this paper. This new scheme has the advantage of predetermining in the case of a given random basis over GF(qⁿ). The reason why only nine terms are involved in the algebraic expression of Rijndael S-box is presented, which corrects the available inaccurate illustration. An improved AES S-box is presented to improve the complexity of AES S-box algebraic expression with terms increasing from 9 to 255 and algebraic degree invariable. The improved AES S-box also has good properties of Boolean functions in SAC and balance, and is capable of attacking against differential cryptanalysis with high reliable security. We finally summarize all the available methods to determine the algebraic expression of Rijndael S-box.     

Linearization of nonlinear filter generators and its application to cryptanalysis of stream ciphers

Nonlinear filter generators are commonly used as keystream generators in stream ciphers. A nonlinear filter generator utilizes a nonlinear filtering function to combine the outputs of a linear feedback shift register (LFSR) to improve the linear complexity of keystream sequences. However, the LFSR-based stream ciphers are still potentially vulnerable to algebraic attacks that recover the key from some keystream bits. Although the known algebraic attacks only require polynomial time complexity of computations, all have their own constraints. This paper uses the linearization of nonlinear filter generators to cryptanalyze LFSR-based stream ciphers. Such a method works for any nonlinear filter generators. Viewing a nonlinear filter generator as a Boolean network that evolves as an automaton through Boolean functions, we first give its linearization representation. Compared to the linearization representation in Limniotis et al. (2008), this representation requires lower spatial complexity of computations in most cases. Based on the representation, the key recoverability is analyzed via the observability of Boolean networks. An algorithm for key recovery is given as well. Compared to the exhaustive search to recover the key, using this linearization representation requires lower time complexity of computations, though it leads to exponential time complexity.