**Further Cryptographic Properties of the Multiplicative Inverse Function**

*Deng Tang and Bimal Mandal and Subhamoy Maitra*

**Abstract: **Differential analysis is an important cryptanalytic technique on block ciphers. In one form, this measures the probability of occurrence of the differences between certain inputs vectors and the corresponding outputs vectors. For this analysis, the constituent S-boxes of Block cipher need to be studied carefully. In this direction, we derive further cryptographic properties of inverse function, especially higher-order differential properties here. This improves certain results of Boukerrou et al [ToSC 2020(1)]. We prove that inverse function defined over $\mathbb F_{2^n}$ has an error (bias) in its second-oder differential spectrum with probability $\frac{1}{2^{n-2}}$, and that error occurs in more than one places. To the best of our knowledge, this result was not known earlier. Further, for the first time, we analyze the Gowers uniformity norm of S-boxes which is also a measure of resistance to higher order approximations. Finally, the bounds related to the nonlinearity profile of multiplicative inverse function
are derived using both Gowers $U_3$ norm and Walsh--Hadamard spectrum. Some of our findings provide slightly improved bounds over the work of Carlet [IEEE-IT, 2008]. All our results might have implications towards non-randomness of a block cipher where the inverse function is used as a primitive.

**Category / Keywords: **foundations / Block Cipher, Boolean function, Differential uniformity, Gowers uniformity norm, Nonlinearity, S-box

**Date: **received 23 Jul 2020

**Contact author: **subho at isical ac in

**Available format(s): **PDF | BibTeX Citation

**Version: **20200726:062456 (All versions of this report)

**Short URL: **ia.cr/2020/920

[ Cryptology ePrint archive ]