Computational algorithms for calculating the algebraic immunity of nonlinear nodes of replacing symmetric ciphers
DOI:
https://doi.org/10.30837/rt.2020.1.200.07Keywords:
symmetric cipher, algebraic immunity, annihilating polynomial, Boolean functionAbstract
Block of nonlinear replacements (complication node, substitution block, S-box) is an important element of most modern symmetric ciphers. This is an elementary cryptographic primitive designed to mix input data and introduce non-linearity. By replacing small blocks with other blocks, mixing and scattering of data is achieved, and repeated cyclic repetition of such a procedure makes it possible to achieve the required cryptographic properties of the cipher. Many different criteria are put forward to substitution blocks (balance, high nonlinearity, low autocorrelation, correlation immunity, required avalanche properties, and many others). Each criterion expresses a formalized requirement of resistance to certain types of cryptographic analysis (differential, linear, etc.), i.e. when designing ciphers, they use an integrated approach, choosing S-blocks according to the totality of individual indicators. With the development of algebraic cryptanalysis, a new indicator of the effectiveness of substitution nodes has appeared – algebraic immunity, which is calculated as the minimum degree of the simplest (in a sense) algebraic equation describing the S-block. To search for such an equation, special methods are used, based on the construction of Gröbner bases. If you specify a knot of substitutions through a Boolean function, then to calculate algebraic immunity it is enough to find a function of the least degree from the annihilator space. This article discusses various methods of calculating algebraic immunity, analyzes their computational efficiency, discusses implementation details, substantiates methods for optimizing calculations in terms of time (in terms of number of operations) and capacitive (in terms of memory costs) of complexity. An advanced algorithm for calculating algebraic immunity is proposed, optimized for computing resources, including the necessary RAM sizes. The results of experimental studies are presented, in particular, the results of calculations of the algebraic immunity of 8x8 S-blocks for some well-known modern ciphers (AES, Kalina, Grasshopper, BelT), as well as the results obtained for random 8x8, 9x9 and 10x10 S-blocks.References
Courtois N. and Meier W. Algebraic attacks on stream ciphers with linear feedback // Eurocrypt’2003. LNCS. 2003. V. 2656. P. 345-359.
Покрасенко Д.П. Об алгебраической иммунности векторных булевых функций // Прикладная дискретная математика. Приложение. 2014. № 7. С. 43-48.
Meier W., Pasalic E., and Carlet C. Algebraic attacks and decomposition of Boolean functions // Eu-rocrypt’2004. LNCS. 2004. V. 3027. P. 474-491.
Armknecht F. and Krause M. Constructing single- and multi-output Boolean functions with maximal immunity // ICALP’2006. LNCS. 2006. V. 4052. P. 180-191.
Armknecht F. and Krause H. Constructing single- and multi-output Boolean functions with maximal immunity // ICALP’2006. V.4052. P. 180-191.
Ars G. and Faug`ere J.-C. Algebraic immunities of functions over finite fields // Proc. Conf. BFCA. 2005. P. 21-38.
Carlet C. On the algebraic immunities and higher order nonlinearities of vectorial Boolean functions // Enhancing Cryptographic Primitives with Techniques from Error Correcting Codes. Amsterdam: IOS Press, 2009. P. 104-116.
Faugère J.-C. (June 1999). A new efficient algorithm for computing Gröbner bases (F4) // Journal of Pure and Applied Algebra. Elsevier Science. 139 (1): 61-88.
Покрасенко Д.П. Компонентная алгебраическая иммунность S-блоков, использующихся в некоторых блочных шифрах // Прикладная дискретная математика. Приложение. 2017. № 10. С. 49-51.
Кузнецов О.О. Алгебраїчний імунітет нелінійних вузлів симетричних шифрів / О.О. Кузнецов, Ю.І. Горбенко, І.М. Білозерцев та інші // Радиотехника. 2017. Вып. 189. С. 47-58.
Magma Computational Algebra System. Available at: http://magma.maths.usyd.edu.au/magma.
Баев В. В. Эффективные алгоритмы получения оценок алгебраической иммунности булевых функций : дис. … канд. физ.-мат. наук : 01.01.09 / Баев Владимир Валерьевич; Место защиты: Моск. гос. ун-т им. М.В. Ломоносова. Фак. вычислит. математики и кибернетики. Москва, 2008. 101 с.
Gw´enol´e Ars, Jean-Charles Faug`ere. Algebraic Immunities of functions over finite fields // Research Report. RR-5532, INRIA. 2005. Р.17.
Аржанцев И.В. Базисы Грёбнера и системы алгебраических уравнений. Летняя школа. Современная математика. Дубна, июль 2002. Москва : МЦНМО, 2003. 68 с.
Злобин А.И., Соколова О.В. Компьютерная алгебра в системе Sage : учеб. пособие. Москва : МГТУ им. Баумана, 2011. 55 с.
Faugère, J.-C. (June 1999). A new efficient algorithm for computing Gröbner bases (F4). Journal of Pure and Applied Algebra. Elsevier Science. 139 (1): 61-88.
Faugère, J.-C. (July 2002). A new efficient algorithm for computing Gröbner bases without reduction to zero (F5) // Proceedings of the 2002 international symposium on Symbolic and algebraic computation (ISSAC). ACM Press. Р.75-83.
Alfred J. Menezes, Paul C. van Oorschot, Scott A. Vanstone. Handbook of Applied Cryptography CRC Press, 1997. 794 р.
Горбенко І.Д., Горбенко Ю.І. Прикладна криптологія. Теорія. Практика. Застосування : підручник для вищих навч. закладів. Харків : Форт, 2013. 880 с.
Bart Preneel. Analysis and Design of Cryptographic Hash Functions. Электронный ресурс. Режим доступа: homes.esat.kuleuven.be/~preneel/phd_preneel_feb1993.pdf
Carlet C. Vectorial Boolean functions for // Cambridge Univ. Press, Cambridge. 95 p. Электронный ресурс. Режим доступа: www.math.univ-paris13.fr/~carlet/chap-vectorial-fcts-corr.pdf
Carlet C. Boolean functions for cryptography and error correcting codes // Cambridge Univ. Press, Cambridge. 2007. 148 p. Электронный ресурс. Режим доступа: www1.spms.ntu.edu.sg/~kkhoongm/chap-fcts-Bool.pdf.
Zhuo Zepeng, Zhang Weiguo On correlation properties of Boolean functions // Chinese Journal of Electronics. 2011. Vol.20. №1. Р. 143-146.
O’Connor L. An analysis of a class of algorithms for S-box construction // J. Cryptology. 1994. Р. 133-151.
Clark J.A., Jacob J.L., Stepney S. The Design of S-Boxes by Simulated Annealing // New Generation Computing. 2005. 23(3). Р.219-231.
Кузнецов А.А., Белозерцев И.Н., Андрушкевич А.В. Анализ и сравнительные исследования нелинейных узлов замены современных блочных симметричных шифров // Прикладная радиоэлектроника. Харьков : ХНУРЭ. 2015. Т. 14. №4. С.343-350.
Massimiliano Sala, Teo Mora, Ludovic Perret, Shojiro Sakata, Carlo Traverso Gröbner Bases, Coding, and Cryptography. Springer-Verlag Berlin Heidelberg. 426 p.
Downloads
How to Cite
Issue
Section
License
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).