Funding: Supported by the National Natural Science Foundation of China under Grant Nos. 60903200 and 61003299.
Abstract: This paper presents a construction for a class of 1-resilient functions with optimal algebraic immunity on an even number of variables. The construction is based on the concatenation of two balanced functions in associative classes. For some n, a part of the 1-resilient functions with maximum algebraic immunity constructed in the paper can achieve almost optimal nonlinearity. Apart from their high nonlinearity, the functions reach Siegenthaler's upper bound of algebraic degree. Also, a class of 1-resilient functions on any number n > 2 of variables with at least sub-optimal algebraic immunity is provided.
Funding: Supported by the National Natural Science Foundation of China (61272434), the Natural Science Foundation of Shandong Province (ZR 2012FM004, ZR2013FQ021), and the Foundation of Science and Technology on Information Assume Laboratory (KJ-13-004).
Abstract: Algebraic immunity is a new cryptographic criterion proposed against algebraic attacks. In order to resist algebraic attacks, Boolean functions used in many stream ciphers should possess high algebraic immunity. This paper presents one main result to find balanced rotation symmetric Boolean functions with maximum algebraic immunity. Through swapping the values of two orbits of the rotation class of the majority function, a class of 4k+1 variable Boolean functions with maximum algebraic immunity is constructed. The function f(x) we construct always has terms of degree n-2, independent of what n is. And the nonlinearity of f(x) is relatively good for large n.
Funding: This research project was promoted by the Scientific Research Foundation for High Level Talents of Henan Normal University (01016500148) and the National Natural Science Foundation of China (Grant Nos. 61272476, 61232009).
Abstract: We present some known-key distinguishers for a type-1 Feistel scheme with a permutation as the round function. To be more specific, the 29-round known-key truncated differential distinguishers are given for the 256-bit type-1 Feistel scheme with an SP (substitution-permutation) round function by using the rebound attack, where the S-boxes have perfect differential and linear properties and the linear diffusion layer has a maximum branch number. For two 128-bit versions, the distinguishers can be applied on 25-round structures. Based on these distinguishers, we construct near-collision attacks on these schemes with MMO (Matyas-Meyer-Oseas) and MP (Miyaguchi-Preneel) hashing modes, and propose the 26-round and 22-round near-collision attacks for two 256-bit schemes and two 128-bit schemes, respectively. We apply the near-collision attack on MAME and obtain a 26-round near-collision attack. Using the algebraic degree and some integral properties, we prove the correctness of the 31-round known-key integral distinguisher proposed by Sasaki et al. We show that if the round function is a permutation, the integral distinguisher is suitable for a type-1 Feistel scheme of any size.