Boolean functions play an important role in designing and analyzing many cryptographic systems, such as block ciphers, stream ciphers, and hash functions, due to their unique cryptographic properties such as nonlinearity, correlation immunity, and algebraic properties. The secure evaluation of Boolean functions or Secure Boolean Evaluation (SBE) is an important area of research. SBE allows parties to jointly compute Boolean functions without exposing their private inputs. SBE finds...

We introduce a powerful attack, termed the bit-fixing correlation attack, on Goldreich's pseudorandom generators (PRGs), specifically focusing on those based on the $\mathsf{XOR}\text{-}\mathsf{THR}$ predicate. By exploiting the bit-fixing correlation property, we derive correlation equations with high bias by fixing certain bits. Utilizing two solvers to handle these high-bias correlation equations, we present inverse attacks on $\mathsf{XOR}\text{-}\mathsf{THR}$ based PRGs within the...

We describe a new class of Boolean functions which provide the presently best known trade-off between low computational complexity, nonlinearity and (fast) algebraic immunity. In particular, for $n\leq 20$, we show that there are functions in the family achieving a combination of nonlinearity and (fast) algebraic immunity which is superior to what is achieved by any other efficiently implementable function. The main novelty of our approach is to apply a judicious combination of simple...

he unique design of the FLIP cipher necessitated a generalization of standard cryptographic criteria for Boolean functions used in stream ciphers, prompting a focus on properties specific to subsets of $\mathbb{F}_2^n$ rather than the entire set. This led to heightened interest in properties related to fixed Hamming weight sets and the corresponding partition of $\mathbb{F}_2^n$ into n+1 such sets. Consequently, the concept of Weightwise Almost Perfectly Balanced (WAPB) functions emerged,...

When designing filter functions in Linear Feedback Shift Registers (LFSR) based stream ciphers, algebraic criteria of Boolean functions such as the Algebraic Immunity (AI) become key characteristics because they guarantee the security of ciphers against the powerful algebraic attacks. In this article, we investigate a generalization of the algebraic attacks proposed by Courtois and Meier on filtered LFSR twenty years ago. We consider how the standard algebraic attack can be generalized...

Weightwise degree-d functions are Boolean functions that take the values of a function of degree at most d on each set of fixed Hamming weight. The class of weightwise affine functions encompasses both the symmetric functions and the Hidden Weight Bit Function (HWBF). The good cryptographic properties of the HWBF, except for the nonlinearity, motivates to investigate a larger class with functions that share the good properties and have a better nonlinearity. Additionally, the homomorphic...

We investigate the concept of $\mathcal{S}_0$-equivalent class, $n$-variable Boolean functions up to the addition of a symmetric function null in $0_n$ and $1_n$, as a tool to study weightwise perfectly balanced functions. On the one hand we show that weightwise properties, such as being weightwise perfectly balanced, the weightwise nonlinearity and weightwise algebraic immunity, are invariants of these classes. On the other hand we analyze the variation of global parameters inside the...

In this article we study the Algebraic Immunity (AI) of Weightwise Perfectly Balanced (WPB) functions. After showing a lower bound on the AI of two classes of WPB functions from the previous literature, we prove that the minimal AI of a WPB $n$-variables function is constant, equal to $2$ for $n\ge 4$ . Then, we compute the distribution of the AI of WPB function in $4$ variables, and estimate the one in $8$ and $16$ variables. For these values of $n$ we observe that a large majority of...

Over the years, a large number of attacks have been proposed against substitution boxes used in symmetric ciphers such as differential attacks, linear attacks, algebraic attacks, etc. In the Advanced Encryption Standard (AES) Block cipher, the substitution box is the only nonlinear component and thus it holds the weight of the cipher. This basically means that if an attacker is able to mount a successful attack on the substitution box of AES, the cipher is compromised. This research work...

Designing Boolean functions whose output can be computed with light means at high speed, and satisfying all the criteria necessary to resist all major attacks on the stream ciphers using them as nonlinear components, has been an open problem since the beginning of this century, when algebraic attacks were invented. Functions allowing good resistance are known since 2008, but their output is too complex to compute. Functions with fast and easy to compute output are known which have good...

Despite intensive research on Boolean functions for cryptography for over thirty years, there are very few known general constructions allowing to satisfy all the necessary criteria for ensuring the resistance against all the main known attacks on the stream ciphers using them. In this paper, we investigate the general construction of Boolean functions $f$ from vectorial functions, in which the support of $f$ equals the image set of an injective vectorial function $F$, that we call a...

In this paper, we study sufficient conditions to improve the lower bound on the algebraic immunity of a direct sum of Boolean functions. We exhibit three properties on the component functions such that satisfying one of them is sufficient to ensure that the algebraic immunity of their direct sum exceeds the maximum of their algebraic immunities. These properties can be checked while computing the algebraic immunity and they allow to determine better the security provided by functions central...

Goldreich's pseudorandom generator is a well-known building block for many theoretical cryptographic constructions from multi-party computation to indistinguishability obfuscation. Its unique efficiency comes from the use of random local functions: each bit of the output is computed by applying some fixed public $n$-variable Boolean function $f$ to a random public size-$n$ tuple of distinct input bits. The characteristics that a Boolean function $f$ must have to ensure pseudorandomness is a...

We push a little further the study of two characterizations of almost perfect nonlinear (APN) functions introduced in our recent monograph. We state open problems about them, and we revisit in their perspective a well-known result from Dobbertin on APN exponents. This leads us to new results about APN power functions and more general APN polynomials with coefficients in a subfield F_{2^k} , which ease the research of such functions and of differentially uniform functions, and simplifies the...

Post-quantum cryptography (PQC) is a trend that has a deserved NIST status, and which aims to be resistant to quantum computer attacks like Shor and Grover algorithms. NIST is currently leading the third-round search of a viable set of standards, all based on traditional approaches as code-based, lattice-based, multi quadratic-based, or hash-based cryptographic protocols [1]. We choose to follow an alternative way of replacing all numeric field arithmetic with GF(2^8) field operations [2]....

In this paper, we completely study two classes of Boolean functions that are suited for hybrid symmetric-FHE encryption with stream ciphers like FiLIP. These functions (which we call homomorphic-friendly) need to satisfy contradictory constraints: 1) allow a fast homomorphic evaluation, and have then necessarily a very elementary structure, 2) be secure, that is, allow the cipher to resist all classical attacks (and even more, since guess and determine attacks are facilitated in such...

Post-quantum cryptography (PQC) is a trend that has a deserved NIST status, and which aims to be resistant to quantum computers attacks like Shor and Grover algorithms. In this paper, we propose a method for designing post-quantum provable IND-CPA/IND-CCA2 public key cryptosystems based on polynomials over a non-commutative algebraic extension ring. The key ideas of our proposal is that (a) for a given non-commutative ring of rank-3 tensors, we can define polynomials and take them as...

MuSig is a multi-signature scheme for Schnorr signatures, which supports key aggregation and is secure in the plain public key model. Standard derandomization techniques for discrete logarithm-based signatures such as RFC 6979, which make the signing procedure immune to catastrophic failures in the randomness generation, are not applicable to multi-signatures as an attacker could trick an honest user into producing two different partial signatures with the same randomness, which would reveal...

Nowadays, the resistance against algebraic attacks and fast algebraic attacks are considered as an important cryptographic property for Boolean functions used in stream ciphers. Both attacks are very powerful analysis concepts and can be applied to symmetric cryptographic algorithms used in stream ciphers. The notion of algebraic immunity has received wide attention since it is a powerful tool to measure the resistance of a Boolean function to standard algebraic attacks. Nevertheless, an...

Motivated by the impact of fast algebraic attacks on stream ciphers, and recent constructions using a threshold function as part of the filtering function, we study the fast algebraic immunity of threshold functions. As a first result, we determine exactly the fast algebraic immunity of all majority functions in more than $8$ variables. Then, For all $n\geq 8$ and all threshold value between $1$ and $n$ we exhibit the fast algebraic immunity for most of the thresholds, and we determine a...

Let $k \ge 2$ be an integer, define $$ S_t^k:=\Bigg\{(a,b)\in \mathbb{Z}^2\ \Big| \ { 0 \le a,b \le 2^{k}-2,\ a+b\equiv t ~(\text{mod} \ 2^k-1),\ \w(a)+\w(b)\le{k-1}}\Bigg\},$$ where $t \in \mathbb{Z}, 1 \le t \le 2^k-2$. This paper gives the upper bound of cardinality of $S_t^k$ when $\w(t)\le 10$, proving that a conjecture proposed by Tu and Deng in the case.

We initiate a systematic study of pseudorandom functions (PRFs) that are computable by simple matrix branching programs; we refer to these objects as “matrix PRFs”. Matrix PRFs are attractive due to their simplicity, strong connections to complexity theory and group theory, and recent applications in program obfuscation. Our main results are: * We present constructions of matrix PRFs based on the conjectured hardness of some simple computational problems pertaining to matrix products. *...

In different contexts such as filtered LFSR, Goldreich's PRG, and FLIP stream ciphers, the security of a cryptographic primitive mostly depends on the algebraic properties of one Boolean function. Since the Seventies, more and more efficient attacks have been exhibited in this context, related to more and more general algebraic properties, such as the degree, the algebraic immunity, and finally, the fast algebraic immunity. Once the properties to estimate the attack complexities are...

Boolean functions used in some cryptosystems of stream ciphers should satisfy various criteria simultaneously to resist some known attacks. The fast algebraic attack (FAA) is feasible if one can find a nonzero function $g$ of low algebraic degree and a function $h$ of algebraic degree significantly lower than $n$ such that $f\cdot g=h$. Then one new cryptographic property fast algebraic immunity was proposed, which measures the ability of Boolean functions to resist FAAs. It is a great...

Substitution Boxes (S-Boxes) are crucial components in the design of many symmetric ciphers. The security of these ciphers against linear, differential, algebraic cryptanalyses and side-channel attacks is then strongly dependent on the choice of the S-Boxes. To construct S-Boxes having good resistive properties both towards classical cryptanalysis as well side-channel attacks is not a trivial task. In this article we propose new methods for generating S-Boxes with strong...

A cryptosystem which supports both addition and multiplication (thereby preserving the ring structure of the plaintexts) is known as fully homomorphic encryption (FHE) and is very powerful. Using such a scheme, any circuit can be homomorphically evaluated, effectively allowing the construction of programs which may be run on ciphertexts of their inputs to produce a ciphertext of their output. Since such a program never decrypts its input, it can be run by an untrusted party without revealing...

In previous work I proposed a fully homomorphic encryption without bootstrapping which has the large size of ciphertext. This tme I propose the fully homomorphic public-key encryption scheme on non-associative octonion ring over finite field with the small size of ciphertext. In this scheme the size of ciphertext is one-third of the size in the scheme proposed before. Because proposed scheme adopts the medium text with zero norm, it is immune from the “p and -p attack”. As the proposed...

Gentry’s bootstrapping technique is the most famous method of obtaining fully homomorphic encryption. In previous work I proposed a fully homomorphic encryption without bootstrapping which has the weak point in the enciphering function. In this paper I propose the improved fully homomorphic public-key encryption scheme on non-associative octonion ring over finite field without bootstrapping technique. The plaintext p consists of two sub-plaintext u and v. The proposed fully homomorphic...

We study the main cryptographic features of Boolean functions (balancedness, nonlinearity, algebraic immunity) when, for a given number $n$ of variables, the input to these functions is restricted to some subset $E$ of $\mathbb{F}_2^n$. We study in particular the case when $E$ equals the set of vectors of fixed Hamming weight, which plays a role in the FLIP stream cipher and we study the robustness of the Boolean function in this cipher.

In this paper, we improve the lower bound on the maximum nonlinearity of 1-resilient Boolean functions, for $n$ even, by proposing a method of constructing this class of functions attaining the best nonlinearity currently known. Thus for the first time, at least for small values of $n$, the upper bound on nonlinearity can be reached in a deterministic manner in difference to some heuristic search methods proposed previously. The nonlinearity of these functions is extremely close to the...

Although several methods for estimating the resistance of a random Boolean function against (fast) algebraic attacks were proposed, these methods are usually infeasible in practice for relative large input variables $n$ (for instance $n\geq 30)$ due to increased computational complexity. An efficient estimation the resistance of Boolean function (with relative large input variables $n$) against (fast) algebraic attacks appears to be a rather difficult task. In this paper, the concept of...

In previous work I proposed a fully homomorphic encryption without bootstrapping which has the weak point in the enciphering function. In this paper I propose the fully homomorphic encryption scheme with non-zero isotropic octonions. I improve the previous scheme by adopting the non-zero isotropic octonions so that the “m and -m attack” is not useful because in proposed scheme many ciphertexts exist where the plaintext m is not zero and the norm is zero. The improved scheme is based on...

Gentry’s bootstrapping technique is the most famous method of obtaining fully homomorphic encryption. In previous work I proposed a fully homomorphic encryption without bootstrapping which has the weak point in the plaintext. I also proposed a fully homomorphic encryption with composite number modulus which avoids the weak point by adopting the plaintext including the random numbers in it. In this paper I propose another fully homomorphic encryption with composite number modulus where the...

Gentry’s bootstrapping technique is the most famous method of obtaining fully homomorphic encryption. In previous work I proposed a fully homomorphic encryption without bootstrapping which has the weak point in the plaintext. In this paper I propose the improved fully homomorphic encryption scheme on non-associative octonion ring over finite ring with composite number modulus where the plaintext p consists of three numbers u,v,w. The proposed fully homomorphic encryption scheme is immune...

In previous work(2015/474 in Cryptology ePrint Archive), I proposed a fully homomorphic encryption without bootstrapping which has the weak point in the enciphering function. In this paper I propose the improved fully homomorphic encryption scheme on non-associative octonion ring over finite field without bootstrapping technique. I improve the previous scheme by (1) adopting the enciphering function such that it is difficult to express simply by using the matrices and (2) constructing the...

In this paper we investigate univariate algebraic attacks on filter generators over extension fields $F_q=F_{2^n}$ with focus on the Welch-Gong (WG) family of stream ciphers. Our main contribution is to break WG-5, WG-7, WG-8 and WG-16 by combining results on the so-called spectral immunity (minimum distance of certain cyclic codes) with properties of the WG type stream cipher construction. The spectral immunity is the univariate analog of algebraic immunity and instead of measuring degree...

The (fast) algebraic immunity, including (standard) algebraic immunity and the resistance against fast algebraic attacks, has been considered as an important cryptographic property for Boolean functions used in stream ciphers. This paper is on the determination of the (fast) algebraic immunity of a special class of Boolean functions, called Boolean power functions. An n-variable Boolean power function f can be represented as a monomial trace function over finite field GF(2^n). To determine...

Lattice based encryption schemes and linear code based encryption schemes have received extensive attention in recent years since they have been considered as post-quantum candidate encryption schemes. Though LLL reduction algorithm has been one of the major cryptanalysis techniques for lattice based cryptographic systems, key recovery cryptanalysis techniques for linear code based cryptographic sys- tems are generally scheme specific. In recent years, several important techniques such as...

Cryptographic applications, such as hashing, block ciphers and stream ciphers, make use of functions which are simple by some criteria (such as circuit implementations), yet hard to invert almost everywhere. A necessary condition for the latter property is to be ``sufficiently distant'' from linear, and cryptographers have proposed several measures for this distance. In this paper, we show that four common measures, {\em nonlinearity, algebraic degree, annihilator immunity}, and {\em...

The trace inverse function $\Tr(\lambda x^{-1})$ over the finite field $\mathbb{F}_{2^n}$ is a class of very important Boolean functions and has be used in many stream ciphers, for example, SFINKS, RAKAPOSHI, the simple counter stream cipher presented by W. Si and C.S. Ding, etc. In order to evaluate the security of those algorithms in assistance to (fast) algebraic attacks, it is essential to algebraic properties of $\Tr(\lambda x^{-1})$. However, currently only some bounds on algebraic...

Criteria based on the analysis of the properties of vectorial Boolean functions for selection of substitutions (S-boxes) for symmetric cryptographic primitives are given. We propose an improved gradient descent method for increasing performance of nonlinear vectorial Boolean functions generation with optimal cryptographic properties. Substitutions are generated by proposed method for the most common 8-bits input and output messages have nonlinearity 104, 8-uniformity and algebraic immunity 3.

Obtainment of exact value or high lower bound on the $r$-th order nonlinearity of Boolean function is a very complicated problem (especial if $r > 1$). In a number of papers lower bounds on the $r$-th order nonlinearity of Boolean function via its algebraic immunity were obtain for different $r$. This bounds is rather high for function with maximum near maximum possible algebraic immunity. In this paper we prove theorem, which try to obtain rather high lower bound on the $r$-th order...

The incidence matrix between a set of monomials and a set of vectors in $\F_2$ has a great importance in the study of coding theory, cryptography, linear algebra, combinatorics. The rank of these matrices are very useful while computing algebraic immunity($\ai$) of Boolean functions in cryptography literature~\cite{MPC04,DGM04}. Moreover, these matrices are very sparse and well structured. Thus, for aesthetic reason finding the rank of these matrices is also very interesting in mathematics....

Using simulated annealing, we derive several equivalence classes of balanced Boolean functions with optimum algebraic immunity, fast algebraic resistance, and maximum possible algebraic degree. For numbers n of input bits less than 16, these functions also possess superior nonlinearity to all Boolean functions so far obtained with said properties.

In the last decade, algebraic and fast algebraic attacks are regarded as the most successful attacks on LFSR-based stream ciphers. Since the notion of algebraic immunity was introduced, the properties and constructions of Boolean functions with maximum algebraic immunity have been researched in a large number of papers. However, there are few results with respect to Boolean functions with provable good immunity against fast algebraic attacks. In previous literature, only Carlet-Feng...

In this paper, by modifying a subclass of bent functions in $\mathcal P S_{ap}$, we construct another subclass of bent functions in $\mathcal P S^+$ with maximum algebraic degree. We demonstrate that the algebraic immunity of the constructed functions is maximum. The result is proved by using the well known conjecture proposed by Tu and Deng (Des. Codes Cryptogr. 60(1), pp. 1-14, 2011) which has been proved recently by Cohen and Flori (http://eprint.iacr.org/ 2011/400.pdf). Finally, we...

The general principle for algebraic attack for multi-output stream ciphers was proposed by Courtois [6]. Furthermore, Armknecht, and Krause gave a definition of algebraic immunity for multi-output Boolean functions in [2], and investigated some construction methods of multi-output Boolean functions with maximal algebraic immunity. In this note, several new characterizations of algebraic immunity for multi-output Boolean functions are given, and some related invariants and their relations are...

In this paper, we construct a class of vectorial Boolean functions over $\mathbb{F}_{2^{n}}$ with high algebraic immunity based on the decomposition of the multiplicative group of $\mathbb{F}_{2^n}$. By viewing $\mathbb{F}_{2^{n}}$ as $G_1G_2\bigcup \{0\} $ (where $G_1$ and $G_2$ are subgroups of $\mathbb{F}_{2^{n}}^{*},~(\#G_1,\#G_2)=1$ and $\#G_1\times \#G_2=2^{2k}-1$), we give a generalized description for constructing vectorial Boolean functions with high algebraic immunity. Moreover,...

I propose the new key distribution system and attribute-based encryption scheme on non-commutative ring where the complexity required for enciphering and deciphering is small. As in this system encryption keys and decryption keys involve the attributes of each user, the system is adaptive for cloud computing systems. The security of this system is based on the complexity for solving the multivariate algebraic equations of high degree over finite field, that is, one of NP complete problems....

A perfect algebraic immune function is a Boolean function with perfect immunity against algebraic and fast algebraic attacks. The main results are that for a perfect algebraic immune balanced function the number of input variables is one more than a power of two; for a perfect algebraic immune unbalanced function the number of input variables is a power of two. Also the Carlet-Feng functions on $2^s+1$ variables and the modified Carlet-Feng functions on $2^s$ variables are shown to be...

In this paper, it is shown that an $n$-variable rotation symmetric Boolean function $f$ with $n$ even but not a power of 2 admits a rotation symmetric function $g$ of degree at most $e\leq n/3$ such that the product $gf$ has degree at most $n-e-1$.

The algebraic immunity of cryptographic Boolean functions is studied in this paper. Proper modifications of functions achieving maximum algebraic immunity are proved, in order to yield new functions of also maximum algebraic immunity. It is shown that the derived results apply to known classes of functions. Moreover, two new efficient algorithms to produce functions of guaranteed maximum algebraic immunity are developed, which further extend and generalize known constructions of...

In this paper, We propose a class of 2k-variable Boolean functions, which have optimal algebraic degree, high nonlinearity, and are 1-resilient. These functions have optimal algebraic immunity when k > 2 and u = -2^l; 0 =< l < k. Based on a general combinatorial conjecture, algebraic immunity of these functions is optimal when k > 2 and u = 2^l; 0 =< l < k. If the general combinatorial conjecture and a new assumption are both true, algebraic immunity of our functions is also optimal when k >...

In this paper, we propose two classes of 2k-variable Boolean functions, which have optimal algebraic immunity under the assumption that a general combinatorial conjecture is correct. These functions also have high algebraic degree and high nonlinearity. One class contain more bent functions, and the other class are balanced.

In this paper, we present a new combinatorial conjecture about binary strings. Based on the new conjecture, two classes of Boolean functions of $2k$ variables with optimal algebraic immunity are proposed, where $k\ge 2$. The first class contains unbalanced functions having high algebraic degree and nonlinearity. The functions in the second one are balanced and have maximal algebraic degree and high nonlinearity. It is checked that, at least for small numbers of variables, both classes of...

We propose the digital signature scheme based on multivariate polynomials over finite fields in this paper. We generate the multivariate a polynomial of high degree F(X) . We construct the digital signature scheme using F(X). Our system is immune from the Gröbner bases attacks because obtaining parameters of F(X) to be secret keys arrives at solving the multivariate algebraic equations that is one of NP complete problems .

In this paper, three constructions of balanced Boolean functions with optimum algebraic immunity are proposed. The cryptographical properties such as algebraic degree and nonlinearity of the constructed functions are also analyzed.

In this paper, we propose a class of $2k$-variable Boolean functions which have optimal algebraic degree, very high nonlinearity, and are $1$-resilient. Based on our newly proposed conjecture, it can be shown that the algebraic immunity of our functions is at least suboptimal. Moreover, when $k$ is odd, the algebraic immunity is actually optimal, and for even $k$, we find that the algebraic immunity is optimal at least for $k\leq 28$.

In this paper we propose new key agreement protocols based on multivariate polynomials over finite field Fq. We concretely generate the multivariate polynomial F(X)\in Fq[x1,..,xn] such that F(X)=\sum^m_{i=1} ki[Ai(X)^d+ Ai(X)^{d-1}+ ..+ Ai(X)] where Ai(X) =ai1x1+…+ainxn ,coefficients ki , aij\in Fq (i=1,..,m:j=1,..,n) and variables X=(x1,..,xn)^T \in Fq[x1,..,xn]^n. The common key K(X) has the form such that K(X)=\sum^m_{i=1}hi F((bi1x1,...,binxn)^T) where hi ,bij\in Fq (i=1,..,m:j=1,..,n)...

This paper presents a byte-oriented stream cipher -- Loiss, which takes a 128-bit initial key and a 128-bit initial vector as inputs, and outputs a key stream of bytes. The algorithm is based on a linear feedback shift register, and uses a structure called BOMM in the filter generator, which has good property on resisting against algebraic attacks, linear distinguishing attacks and fast correlation attacks. In order for BOMM to be balanced, the S-boxes in BOMM must be orthomorphic...

In this paper, two sufficient conditions for a Boolean function with optimal extended algebraic immunity are given. It is shown that almost all the known functions possess maximum possible algebraic immunity. The results show that about half of them do not possess optimal extended algebraic immunity.

In this paper we propose two KAP(key agreement protocols) using multivariate equations. As the enciphering functions we select the multivariate functions of high degree on non-commutative ring H over finite field Fq. Two enciphering functions are slightly different from the enciphering function previously proposed by the present author. In proposed systems we can adopt not only the quaternion ring but also the non-associative octonion ring as the basic ring. Common keys are generated by...

In this paper, we present a class of $2k$-variable balanced Boolean functions and a class of $2k$-variable $1$-resilient Boolean functions for an integer $k\ge 2$, which both have the maximal algebraic degree and very high nonlinearity. Based on a newly proposed conjecture by Tu and Deng, it is shown that the proposed balanced Boolean functions have optimal algebraic immunity and the $1$-resilient Boolean functions have almost optimal algebraic immunity. Among all the known results of...

In this paper we propose new key agreement protocols based on multivariate algebraic equations. We choose the multivariate function F(X) of high degree on non-commutative quaternion ring H over finite field Fq. Common keys are generated by using the public-key F(X). Our system is immune from the Gröbner bases attacks because obtaining parameters of F(X) to be secret keys arrives at solving the multivariate algebraic equations that is one of NP complete problems .Our protocols are also...

We propose the digital signature scheme on non-commutative quaternion ring over finite fields in this paper. We generate the multivariate function of high degree F(X) . We construct the digital signature scheme using F(X). Our system is immune from the Gröbner bases attacks because obtaining parameters of F(X) to be secret keys arrives at solving the multivariate algebraic equations that is one of NP complete problems .

This paper presents a construction for a class of 1-resilient Boolean functions with optimal algebraic immunity on an even number of variables by dividing them into two correlation classes, i.e. equivalence classes. From which, a nontrivial pair of functions has been found by applying the generating matrix. For $n$ is small (e.g. $n=6$), a part of these functions achieve almost optimal nonlinearity. Apart from their good nonlinearity, the functions reach Siegenthaler's \cite{Siegenthaler}...

In this paper, we propose a class of 1-resilient Boolean function with optimal algebraic degree and high nonlinearity, moreover, based on the conjecture proposed in [4], it can be proved that the algebraic immunity of our function is at least suboptimal.

It is a difficult challenge to find Boolean functions used in stream ciphers achieving all of the necessary criteria and the research of such functions has taken a significant delay with respect to cryptanalyses. A lot of attacks has led to design criteria for these functions; mainly: balancedness, a high algebraic degree, a high nonlinearity, a good behavior against Fast Algebraic Attacks and also a high algebraic immunity (which is now an absolutely necessary criterion (but not sufficient)...

Recently, Tu and Deng proposed a combinatorial conjecture on binary string, on the premise that the conjecture is correct they obtain two classes of Boolean functions which are both algebraic immunity optimal: the first class of functions are also bent. The second class are balanced functions, which have optimal algebraic degree and the best nonlinearity up to now. In this paper, from three different sides, we prove this conjecture is true in many cases with different counting strategies. We...

In this paper, we propose a combinatoric conjecture on binary string, on the premise that our conjecture is correct we mainly obtain two classes of functions which are both algebraic immunity optimal: the first class of functions are also bent, moreover, from this fact we conclude that the algebraic immunity of bent functions can take all possible values except one. The second class are balanced functions, which have optimal algebraic degree and the best nonlinearity up to now.

In this paper we propose a new MPKC, called PPS, based on (i) the 2-layer nonlinear piece in hand method, (ii) PMI, and (iii) STS. The PPS is a specific MPKC obtained by applying the 2-layer nonlinear piece in hand method to STS, in the manner that the rank and randomness of the lower rank steps in the original secret polynomial vector of STS are enhanced by adding a perturbation polynomial vector and moreover PMI is used in the auxiliary part. The PPS overcomes the drawbacks of the three...

This paper proposed a first order recursive construction of Boolean function with optimum algebraic immunity. We also show that the Boolean functions are balanced and have good algebraic degrees.

This paper proposed an improved construction of even-variable Boolean function with optimum algebraic immunity. Compared with those in~\cite{Carl06}, our Boolean functions are more balance. Specially, for $k{=}2t{+}1$ $(t{>}1)$, the $2k$-variables Boolean function is balanced. Furthermore, we generalized it to a class of constructions, meaning there would be much more constructions.

The correlation immunity is known as an important cryptographic measure of a Boolean function with respect to its resist against the correlation attack. This paper generalizes the concept of correlation immunity to be of a fractional value, called fractional correlation immunity, which is a fraction between 0 and 1, and correlation immune function is the extreme case when the fractional correlation immunity is 1. However when a function is not correlation immune in the traditional sense, it...

This paper looks at the possibility of combining a block cipher and a stream cipher to get a strong hybrid cipher. It includes two specific proposals for combining AES-128 and RC4-128 to get a cipher that takes a 256-bit key and is significantly faster than AES-256, and arguably more secure. One is immune to algebraic attacks.

We study an infinite class of functions which provably achieve an optimum algebraic immunity, an optimum algebraic degree and a good nonlinearity. We checked that it has also a good behavior against fast algebraic attacks.

Because of the algebraic attacks, a high algebraic immunity is now an important criteria for Boolean functions used in stream ciphers. In this paper, by using the relationship between some flats and support of a n variables Boolean function f, we introduce a general method to determine the algebraic immunity of a Boolean function and finally construct some balanced functions with optimum algebraic immunity.

Abstract. Algebraic attacks are relatively new and interesting subject in cryptanalysis. The algebraic attacks where introduced in [1], where several possible attack's scenarios where given. The big attention was paid to deterministic scenarios of those. In this paper, probabilistic scenarios are studied. Conception of conditional correlation and partial higher order nonlinearity of Boolean function where introduced (briefly definition of conditional correlation: $C(g,f|f = a): = \Pr (g...

Among cryptographically significant characteristics of Boolean functions used in symmetric ciphers the algebraic immunity and the nonlinearities of high orders play the important role. Some bounds on the nonlinearities of high orders of Boolean functions via its algebraic immunity were obtained in recent papers. In this paper we improve these results and obtain new tight bounds. We prove new universal tight lower bound that reduces the problem of an estimation of high order nonlinearities to...

In this paper we study the neighbourhood of $15$-variable Patterson-Wiedemann (PW) functions, i.e., the functions that differ by a small Hamming distance from the PW functions in terms of truth table representation. We exploit the idempotent structure of the PW functions and interpret them as Rotation Symmetric Boolean Functions (RSBFs). We present techniques to modify these RSBFs to introduce zeros in the Walsh spectra of the modified functions with minimum reduction in nonlinearity. Our...

Thanks to a method proposed by Carlet, several classes of balanced Boolean functions with optimum algebraic immunity are obtained. By choosing suitable parameters, for even $n\geq 8$, the balanced $n$-variable functions can have nonlinearity $2^{n-1}-{n-1\choose\frac{n}{2}-1}+2{n-2\choose\frac{n}{2}-2}/(n-2)$, and for odd $n$, the functions can have nonlinearity $2^{n-1}-{n-1\choose\frac{n-1}{2}}+\Delta(n)$, where the function $\Delta(n)$ is describled in Theorem 4.4. The algebraic degree...

In this paper we present a theoretical construction of Rotation Symmetric Boolean Functions (RSBFs) on odd number of variables with maximum possible \ai and further these functions are not symmetric. Our RSBFs are of better nonlinearity than the existing theoretical constructions with maximum possible \ai. To get very good nonlinearity, which is important for practical cryptographic design, we generalize our construction to a construction cum search technique in the RSBF class. We find 7, 9,...

Algebraic immunity of Boolean functions is a very important concept in recently introduced algebraic attacks of stream cipher. For a $n$-variable Boolean function $f$, the algebraic immunity $AI_n(f)$ takes values in $\{0,1,\ldots,\lceil\frac{n}{2}\rceil\}$. For every $k$ in this range, denote $B_{n,k}$ the set of all $n$-variable Boolean functions with algebraic immunity $k$, and we know that $B_{n,k}$ is always non-empty. According to the algebraic immunity, we can form a hierarchy of...

The recent algebraic attacks have received a lot of attention in cryptographic literature. The algebraic immunity of a Boolean function quantifies its resistance to the standard algebraic attacks of the pseudo-random generators using it as a nonlinear filtering or combining function. Very few results have been found concerning its relation with the other cryptographic parameters or with the $r$-th order nonlinearity. As recalled by Carlet at Crypto'06, many papers have illustrated the...

In this correspondence, construction of balanced Boolean functions with maximum possible algebraic (annihilator) immunity (AI) is studied with an additional property which is necessary to resist fast algebraic attack. The additional property considered here is, given an $n$-variable ($n$ even) balanced function $f$ with maximum possible AI $\frac{n}{2}$, and given two $n$-variable Boolean functions $g, h$ such that $fg = h$, if $\deg(h) = \frac{n}{2}$, then $\deg(g)$ must be greater than or...

The algebraic immunity of an S-box depends on the number and type of linearly independent multivariate equations it satisfies. In this paper techniques are developed to find the number of linearly independent, multivariate, bi-affine and quadratic equations for S-boxes based on power mappings. These techniques can be used to prove the exact number of equations for any class of power mappings. Two algorithms to calculate the number of bi-affine and quadratic equations for any $(n,n)$ S-box...

We show in this paper how to apply well known methods from sparse linear algebra to the problem of computing the immunity of a Boolean function against algebraic or fast algebraic attacks. For an $n$-variable Boolean function, this approach gives an algorithm that works for both attacks in $O(n2^{n} D)$ complexity and $O(n2^n)$ memory. Here $D = \binom{n}{d}$ and $d$ corresponds to the degree of the algebraic system to be solved in the last step of the attacks. For algebraic attacks, our...

Because of the recent algebraic attacks, a high algebraic immunity is now an absolutely necessary (but not sufficient) property for Boolean functions used in stream ciphers. A difference of only 1 between the algebraic immunities of two functions can make a crucial difference with respect to algebraic attacks. Very few examples of (balanced) functions with high algebraic immunity have been found so far. These examples seem to be isolated and no method for obtaining such functions is known....

It has been noted recently that algebraic (annihilator) immunity alone does not provide sufficient resistance against algebraic attacks. In this regard, given a Boolean function $f$, just checking the minimum degree annihilators of $f, 1+f$ is not enough and one should check the relationsips of the form $fg = h$, and a function $f$, even if it has very good algebraic immunity, is not necessarily good against fast algebraic attack, if degree of $g$ becomes very low when degree of $h$ is equal...

We extend the lower bound, obtained by M. Lobanov, on the first order nonlinearity of functions with given algebraic immunity, into a bound on the higher order nonlinearities.

This paper gives a construction method which can get a large class of Boolean functions with maximum algebraic immunity(AI) from one such giving function. Our constructions get more functions than any previous construction. The cryptographic properties, such as balance, algebraic degree etc, of those functions are studied. It shows that we can construct Boolean functions with better cryptographic properties, which gives the guidance for the design of Boolean functions to resist algebraic...

We obtain tight bound between nonlinearity and algebraic immunity of a Boolean function and construct balanced functions that achive this bound for all possible values of parameters.

In this paper two important issues in theory of algebraic attacks are addressed. We first provide a theoretical framework for better understanding of design rationale in construction of Boolean functions with maximum algebraic immunity. Based on these results, an iterative design of functions with maximum possible algebraic immunity is proposed. In contrast to known constructions, our method generates balanced functions of maximum degree and high nonlinearity, that is functions satisfying...

In this paper, we analyse the algebraic immunity of symmetric Boolean functions. We identify a set of lowest degree annihilators for symmetric functions and propose an efficient algorithm for computing the algebraic immunity of a symmetric function. The existence of several symmetric functions with maximum algebraic immunity is proven. In this way, a new class of function which have good implementation properties and maximum algebraic immunity is found. We also investigate the existence of...

Sfinks is an LFSR-based stream cipher submitted to ECRYPT call for stream ciphers by Braeken, Lano, Preneel et al. The designers of Sfinks do not to include any protection against algebraic attacks. They rely on the so called "Algebraic Immunity", that relates to the complexity of a simple algebraic attack, and ignores other algebraic attacks. As a result, Sfinks is insecure.

So far there is no systematic attempt to construct Boolean functions with maximum annihilator immunity. In this paper we present a construction keeping in mind the basic theory of annihilator immunity. This construction provides functions with the maximum possible annihilator immunity and the weight, nonlinearity and algebraic degree of the functions can be properly calculated under certain cases. The basic construction is that of symmetric Boolean functions and applying linear...

In this paper we are interested in algebraic immunity of several well known highly-nonlinear vectorial Boolean functions (or S-boxes), designed for block and stream ciphers. Unfortunately, ciphers that use such S-boxes may still be vulnerable to so called "algebraic attacks" proposed recently by Courtois, Pieprzyk, Meier, Armknecht, et al. These attacks are not always feasible in practice but are in general very powerful. They become possible, if we regard the S-boxes, no longer as...

Construction of Boolean functions with cryptographic properties is an important and difficult work. In this paper, we concentrate on rotation symmetric Boolean functions(RSBFs), which are invariant under circular translation of indices. Recent research show that this class of Boolean function is rich in functions of cryptographic signifinance. In this paper, we consider the RSBFs on even number variable. We show that the matrix $_n\mathcal{A}$ may result in a better form after rearrange...

Construction methods of Boolean functions with cryptographically significant properties is an important and difficult problem. In this work we investigate the class of rotation symmetric Boolean functions (RSBFs). These functions are invariant under circular translation of indices and were mainly introduced for efficient implementation purposes. First, we derive general results on these functions. Afterwards, we concentrate on plateaued RSBFs on odd number of variables, which have three...

The currently known constructions of Boolean functions with high nonlinearities, high algebraic degrees and high resiliency orders do not seem to permit achieving sufficiently high algebraic immunities. We introduce a construction of Boolean functions, which builds a new function from three known ones. Assuming that the three functions have some resiliency order, nonlinearity and algebraic degree, as well as their sum modulo 2, the constructed function has the same resiliency order and can...