Propagation Characteristics of Boolean Functions
1990
Cited by 83 (3 self)
The relation between the Walsh-Hadamard transform and the autocorrelation function of Boolean functions is used to study propagation characteristics of these functions. The Strict Avalanche Criterion and the Perfect Nonlinearity Criterion are generalized in a Propagation Criterion of degree k. New properties and constructions for Boolean bent functions are given and also the extension of the definition to odd values of n is discussed. New properties of functions satisfying higher order SAC are derived. Finally a general framework is established to classify functions according to their propagation characteristics if a number of bits is kept constant.
GAC - the Criterion for Global Avalanche Characteristics of Cryptographic Functions
Journal of Universal Computer Science, 1995
Cited by 41 (3 self)
Abstract: We show that some widely accepted criteria for cryptographic functions, including the strict avalanche criterion (SAC) and the propagation criterion, have various limitations in capturing properties of vital importance to cryptographic algorithms, and propose a new criterion called GAC to measure the global avalanche characteristics of cryptographic functions. We also introduce two indicators related to the new criterion, one forecasts the sum-of-squares while the other the absolute avalanche characteristics of a function. Lower and upper bounds on the two indicators are derived, and two methods are presented to construct cryptographic functions that achieve nearly optimal global avalanche characteristics. Category: E.3 1 Why the GAC In 1985, Webster and Tavares introduced the concept of the strict avalanche criterion (SAC) when searching for principles for designing DES-like data encryption algorithms [Web85, WT86]. A function is said to satisfy the SAC if complementing a single bit results in the output of the function being complemented
Substitution-Permutation Networks Resistant to Differential and Linear Cryptanalysis
Journal of Cryptology, 1996
Cited by 32 (11 self)
In this paper we examine a class of product ciphers referred to as substitution-permutation networks. We investigate the resistance of these cryptographic networks to two important attacks: differential cryptanalysis and linear cryptanalysis. In particular, we develop upper bounds on the differential characteristic probability and on the probability of a linear approximation as a function of the number of rounds of substitutions. Further, it is shown that using large S-boxes with good diffusion characteristics and replacing the permutation between rounds by an appropriate linear transformation is effective in improving the cipher security in relation to these two attacks.
Weakly secret bit commitment: Applications to lotteries and fair exchange
Proceedings of the 1998 IEEE Computer Security Foundations Workshop (CSFW11), 1998
Cited by 30 (0 self)
This paper presents applications for the weak protection of secrets in which weakness is not just acceptable but desirable. For one application, two versions of a lottery scheme are presented in which the result of the lottery is determined by the ticket numbers purchased, but no one can control the outcome or determine what it is until after the lottery closes. This is because the outcome is kept secret in a way that is breakable after a predictable amount of time and/or computation. Another presented application is a variant on fair exchange protocols that requires no trusted third party at all.
Designing S-Boxes For Ciphers Resistant To Differential Cryptanalysis
Proceedings of the 3rd Symposium on State and Progress of Research in Cryptography, 1993
Cited by 29 (1 self)
This paper examines recent work in the area of bent-function-based substitution boxes in order to refine the relationship between s-box construction and immunity to the differential cryptanalysis attack described by Biham and Shamir. It is concluded that m×n s-boxes, m<n, which are partially bent-function-based are the most appropriate choice for private-key cryptosystems constructed as substitution-permutation networks (SPNs). Since s-boxes of this dimension and with this property have received little attention in the open literature, this paper provides a description of their construction and shows how they can be incorporated in a design procedure for a family of SPN cryptosystems with desirable cryptographic properties.
Propagation Characteristics and Correlation-Immunity of Highly Nonlinear Boolean Functions
EUROCRYPT 2000, Lecture Notes in Comp. Sci, 2000
Cited by 24 (7 self)
Abstract. We investigate the link between the nonlinearity of a Boolean function and its propagation characteristics. We prove that highly nonlinear functions usually have good propagation properties regarding different criteria. Conversely, any Boolean function satisfying the propagation criterion with respect to a linear subspace of codimension 1 or 2 has a high nonlinearity. We also point out that most highly nonlinear functions with a three-valued Walsh spectrum can be transformed into 1-resilient functions.
Practical S-Box Design
Selected Areas in Cryptography, 1996
Cited by 22 (2 self)
Much of the security of a block cipher based on the Feistel network depends on the properties of the substitution boxes (s-boxes) used in the round function. Although many desirable properties have been studied, relatively little work has been done to determine to what degree these properties are achievable in practice. This paper presents one effort to construct large, cryptographically secure s-boxes, contrasting theoretical and practical limitations, and highlighting areas for future research.
Cryptographic Properties of the Welch-Gong Transformation Sequence Generators
IEEE Transactions on Information Theory, 2002
Cited by 21 (11 self)
Abstract—Welch–Gong (WG) transformation sequences are binary sequences of period 2 1 with two-level autocorrelation. These sequences were discovered by Golomb, Gong, and Gaal in 1998 and they verified the validity of their construction for 5 20. Later, No, Chung, and Yun found another way to construct the WG sequences and verified their result for 5 23. Dillon first proved this result for odd in 1998, and, finally, Dobbertin and Dillon proved it for even in 1999. In this paper, we investigate a two-faced property of the WG transformation sequences for application in stream ciphers and pseudorandom number generators. One is to present the randomness or unpredictability of the WG transformation sequences. The other is to exhibit the security properties of the WG transformations regarded as Boolean functions. In particular, we prove that the WG transformation sequences, in addition to the known two-level autocorrelation and three-level cross correlation with sequences, have the ideal 2-tuple distribution, and large linear span increasing exponentially with. Moreover, it can be implemented efficiently. This is the first type of pseudorandom sequences with good correlation, statistic properties, large linear span, and efficient implementation. When WG transformations are regarded as Boolean functions, they have high nonlinearity. We derive a criterion for the Boolean representation of WG transformations to be resilient and show that they are at least 1-resilient under some basis of the finite field GF (2). An algorithm to find such bases is given. The degree and linear span of WG transformations are presented as well. Index Terms—Auto/cross correlation, Boolean function, linear span, nonlinearity, pseudorandom sequence (number) generator,
Heuristic Design of Cryptographically Strong Balanced Boolean Functions
EUROCRYPT 98, LNCS 1403, 1998
Cited by 21 (2 self)
Advances in the design of Boolean functions using heuristic techniques are reported. A genetic algorithm capable of generating highly nonlinear balanced Boolean functions is presented. Hill climbing techniques are adapted to locate balanced, highly nonlinear Boolean functions that also almost satisfy correlation immunity. The definitions for some cryptographic properties are generalised, providing a measure suitable for use as a fitness function in a genetic algorithm seeking balanced Boolean functions that satisfy both correlation immunity and the strict avalanche criterion. Results are presented demonstrating the effectiveness of the methods.