S-盒的Lyapunov指数研究

在密码算法的设计中,S-盒有着信息混淆的重要功能.传统的S-盒的密码学指标一般包括线性偏差、差分特征、代数免疫度、不动点个数、雪崩效应等.2006年,Kocarev给出了有限集合上的离散混沌理论.本文借鉴该理论,在汉明距离的基础上给出了S-盒的Lyapunov指数的定义,利用该定义计算了几个密码算法中的S-盒的Lyapunov指数值,并进行了比较.证明了在欧氏距离上定义的Lvapunov指数最大的映射,按本文提出的S-盒的Lyapunov指数的定义其Lyapunov指数为0;讨论了S-盒的Lyapunov指数与S-盒的雪崩效应之间的关系,该关系实际上是混沌理论中的蝴蝶效应与密码学中的雪崩效应之间的关系.本文提出的S-盒的Lyapunov指数的定义可视为对传统的S-盒的密码学指标的补充.     

具有最高代数次数的2n元n维Bent函数的构造

本文给出了代数次数达到最高的一类布尔置换的代数标准形 ;并用m序列的状态转移矩阵和所得置换 ,构造了一类代数次数达到最高的 2n元n维Bent函数 ,用这类函数所构造的S盒具有较高的安全强度 .     

Resistance of a CAST-Like Encryption Algorithm to Linear and Differential Cryptanalysis

Linear cryptanalysis and differential cryptanalysis are two recently introduced, powerful methodologies for attacking private-key block ciphers. In this paper, we examine the application of these two cryptanalysis techniques to a CAST-like encryption algorithm. It is shown that, when randomly generated substitution boxes (s-boxes) are used in a CAST-like encryption algorithm, the resulting cipher is resistant to both the linear attack and the differential attack.     

Key-Dependent S-Boxes and Differential Cryptanalysis

Key-dependent S-boxes gained some prominence in block cipher design when Twofish became an AES finalist. In this paper we make some observations on how the cryptanalyst might work with key-dependent S-boxes, we begin to develop a framework for the differential cryptanalysis of key-dependent S-boxes, and we introduce some basic techniques that were used in an analysis of reduced-round Twofish.     

Relating Differential Distribution Tables to Other Properties of of Substitution Boxes

Due to the success of differential and linear attacks on a large number of encryption algorithms, it is important to investigate relationships among various cryptographic, including differential and linear, characteristics of an S-box (substitution box). After discussing a precise relationship among three tables, namely the difference, auto-correlation and correlation immunity distribution tables, of an S-box, we develop a number of results on various properties of S-boxes. More specifically, we show (1) close connections among three indicators of S-boxes, (2) a tight lower bound on the sum of elements in the leftmost column of its differential distribution table, (3) a non-trivial and tight lower bound on the differential uniformity of an S-box, and (4) two upper bounds on the nonlinearity of S-boxes (one for a general, not necessarily regular, S-box and the other for a regular S-box).