Differential and Linear properties of vectorial boolean functions based on chi.
Authors: Silvia Mella, Alireza Mehrdad, Joan Daemen
Journal: Cryptography and Communications-Discrete-Structures Boolean Functions and Sequences (JCR Q3, Computer Science, Theory & Methods; impact factor 1.2)
Publication date: 2023-01-01 (Epub 2023/4/26)
Publication type: Journal Article
DOI: https://doi.org/10.1007/s12095-023-00639-1
Open-access PDF: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10624758/pdf/
Citation count: 1
To evaluate the security of a cryptographic primitive, investigating its resistance against differential and linear cryptanalysis is required. Many modern cryptographic primitives repeatedly apply similar round functions alternated with the addition of round keys or constants. A round function usually consists of a non-linear mapping and a number of linear mappings. The non-linear mapping χ is used in different cryptographic primitives such as Keccak and Subterranean. An alternative version of χ is used in Ascon and the non-linear layer of Simon has the same differential and linear properties of χ. The mapping χ can be applied to strings with different lengths. For instance, it can be parallelly applied to small-length strings as in Keccak, where it works on 5-bit strings, or it can be applied to big-length strings as in Subterranean, where it works on a string of length 257. Investigating the differential and linear properties of χ working on alternative lengths of strings, provides useful information to designers to make a better choice for the non-linear layer. Some differential properties of χ have been analyzed in [8] and in this work we provide a revised presentation of them. We then extend this study and we analyze linear propagation properties of χ. Thanks to these additional results, we extend the comparison between the application of parallel instances of χ on small-length strings and the application of a single instance of χ on a big-length string. We show how we can apply the results of this study also to the non-linear layers of Ascon and Simon thanks to their affine-equivalence with χ.
About the journal:
The scope of the journal focuses on discrete structures used in stream and block ciphers in symmetric cryptography; code division multiple access in communications; and random number generation for statistics, cryptography and numerical methods. In particular, papers covering Boolean functions and sequences, without excluding any other discrete structure used in cryptography and communications, such as finite fields and other algebraic structures, are strongly encouraged.