Abstract
For years, the cryptographic community has searched for good nonlinear functions. Bent functions, almost perfect nonlinear functions, and similar constructions have been suggested as a good base for cryptographic applications due to their highly nonlinear nature. In the first part of this paper we study these functions as block ciphers, and present several distinguishers between almost perfect nonlinear permutations and random permutations. The data complexity of the best distinguisher is O(2n/3) and its time complexity is O(22n/3) for an n-bit block size, independent of the key size. In the second part of the paper we suggest a criterion to measure the effective linearity of a given block cipher. We devise a distinguisher for general block ciphers based on their effective linearity. Finally, we show that for several constructions, our distinguishing attack is better than previously known techniques.
Original language | English |
---|---|
Pages (from-to) | 295-312 |
Number of pages | 18 |
Journal | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
Volume | 3960 LNCS |
DOIs | |
State | Published - 2006 |
Externally published | Yes |
Event | Topics in Cryptology - CT-RSA 2006: The Cryptographers' Track at the RSA Conference 2006, Proceedings - San Jose, CA, United States Duration: 13 Feb 2005 → 17 Feb 2005 |
Keywords
- Almost perfect nonlinear permutations
- Differential cryptanalysis
- Effective linearity
- Highly nonlinear functions
ASJC Scopus subject areas
- Theoretical Computer Science
- General Computer Science