Cryptology ePrint Archive: Report 2012/547

Constrained Search for a Class of Good S-Boxes with Improved DPA Resistivity

Bodhisatwa Mazumdar and Debdeep Mukhopadhyay and Indranil Sengupta

Abstract: In FSE 2005, \emph{transparency order} was proposed as a parameter for the robustness of S-boxes to \emph{Differential Power Analysis} (DPA):lower \emph{transparency order} implying more resistance. However most cryptographically strong Boolean functions have been found to have high \emph{transparency order}. Also it is a difficult problem to search for Boolean functions which are strong cryptographically, and yet have low \emph{transparency order}, the total search space for $(n,n)$-bit Boolean functions being as large as $n2^{2^n}$. In this paper we characterize \emph{transparency order} for various classes of Boolean functions by computing the upper and lower bounds of \emph{transparency order} for both even and odd numbers of variables. The transparency order is defined in terms of \emph{diffusion} properties of the structures of Boolean functions namely the number of bit flips in the output of the functions corresponding to the number of bit flips at the input of the function. The calculated bounds depend on the number of vectors flipping the input of S-box for which bias of probability of S-box output bit deviates from the value of 0.5. The \emph{transparency order} is found to be high in the class of those Boolean functions which have larger cardinality of input differences for which the probability of output bit flip is 0.5. Also we find that instead of \emph{propagation characteristics}, \emph{autocorrelation spectra} of the S-box function $F$ is a more qualifying candidate in deciding the characteristics of \emph{transparency order}. The relations developed to characterize \emph{transparency order} aid in our constrained random generation and search of a class of balanced $8\times8$ S-boxes with \emph{transparency order} upper bounded by 7.8, \emph{nonlinearity} in range $(104,110)$ and \emph{absolute indicator values} of \emph{GAC} in range $(48,88)$.

Category / Keywords: secret-key cryptography / block ciphers, boolean functions

Date: received 18 Sep 2012, last revised 20 Sep 2012

Contact author: bodhisatwa at cse iitkgp ernet in

Available format(s): PDF | BibTeX Citation

Note: Did not get any submission receipt email-id from Cryptology ePrint when we submitted for the first time

Version: 20120922:124017 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]