Thumbnail
Access Restriction
Open

Author Zhang, Xian-Mo ♦ Zheng, Yuliang ♦ Imai, Hideki
Source CiteSeerX
Content type Text
File Format PDF
Subject Domain (in DDC) Computer science, information & general works ♦ Data processing & computer science
Abstract Due to the success of differential and linear attacks on a large number of encryption algorithms, it is important to investigate relationships among the various cryptographic, including differential and linear, characteristics of an S-box (substitution box). After discussing a precise relationship among three tables, namely the difference, auto-correlation and correlation immunity distribution tables, of an S-box, we develop a number of results on various properties of S-boxes. These results include: (1) an interesting equivalence relationship between a regular (balanced) S-box and a tight lower bound on the sum of elements in the leftmost column of its differential distribution table, (2) a proof for the nonexistence of quadratic S-boxes with a uniformly half-occupied difference distribution table for the case of n > = 2m 01. This serves as a piece of evidence that further supports an important and unproven conjecture, namely, for all n> m, there exist no n 2 m S-boxes with a uniformly half-occupied difference distribution table. Prior to this work, the best known result that supports the conjecture is that there exist no quadratic S-boxes with a uniformly half-occupied difference distribution table if n or m is even, (3) a non-trivial and tight lower bound on the differential uniformity of an S-box, and (4) two upper bounds on the nonlinearity ofS-boxes (one for a general, not necessarily regular, S-box and the other for a regular S-box).
Educational Role Student ♦ Teacher
Age Range above 22 year
Educational Use Research
Education Level UG and PG ♦ Career/Technical Study
Publisher Date 1997-01-01