Paper 2016/188

On the division property of S-boxes

Faruk Göloğlu, Vincent Rijmen, and Qingju Wang

Abstract

In 2015, Todo introduced a property of multisets of a finite field called the division property. It is then used by Todo in an attack against the S7 S-box of the MISTY1 cipher. This paper provides a complete mathematical analysis of the division property. The tool we use is the discrete Fourier transform. We relate the division property to the natural concept of the degree of a subset of a finite field. This indeed provides a characterization of multisets satisfying the division property. In 2015, Sun et al. gave some properties related to the division property. In this paper we give a complete characterization and reprove many of their results. We show that the division property is actually the dual of the degree of $t$-products of the inverse S-box and show these two characteristics are affine invariants. We then propose a very efficient way to check vulnerability of a given S-box against attacks of this type. We also reprove some recent interesting results using the method based on the discrete Fourier transform. We finally check whether the S-boxes of the candidate ciphers in the CAESAR competition are vulnerable against attacks based on the division property.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint.
Keywords
Discrete Fourier Transform, integral attack, division property
Contact author(s)
farukgologlu @ gmail com
History
2016-02-23: received
Short URL
https://ia.cr/2016/188
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/188,
      author = {Faruk Göloğlu and Vincent Rijmen and Qingju Wang},
      title = {On the division property of S-boxes},
      howpublished = {Cryptology {ePrint} Archive, Paper 2016/188},
      year = {2016},
      url = {https://eprint.iacr.org/2016/188}
}