Research On Several Cryptographic Properties Of Boolean Functions And S-boxes Construction

The security of cryptographic systems has been an issue that people have been paying attention to since the birth of cryptography.According to the different ways of encrypting plaintext,symmetric cipher or single key cipher can be divided into stream cipher and block cipher.Stream ciphers are mainly divided into combined stream cipher systems and filtered stream cipher systems.The security strength of these stream cipher systems is closely related to the cryptographic properties of the selected combination function and filter function(single output Boolean function or multiple output Boolean function).The block cipher groups the plaintext and encrypts it group by group.Its typical representative is the DES system.S-box is the core component of DES system,and the S-box is essentially a set of multi-output Boolean functions,so the study of S-box is essentially a study of the properties of multi-output Boolean functions.It can be seen that whether it is a stream cipher or a block cipher,the research on the security of the system is closely related to the study of the cryptographic properties of the cryptographic function.These cryptographic properties are correlation immunity(resistance to correlation attacks or divide and conquer attacks),balance(resistance to probabilistic attacks),nonlinearity(resistance to linear attacks),differential uniformity(resistance to differential attacks),boomerang uniformity(resistance to boomerang attacks),etc.This dissertation has achieved the following results by studying the cryptography properties of single-output Boolean functions and multi-output Boolean functions:1.In stream cipher,correlation immunity is required for cryptographic functions to resist correlation attacks or divide and conquer attacks.This dissertation gives the discrete Fourier spectral characterization of the correlation immunity of functions.Discrete Fourier transform in the complex field is a very important mathematical tool,Wang and Gong gave the Fourier spectral characterization of correlation-immune functions over F₂.But their method can't be directly extended to correlation-immune functions over F_p.By the study of a sequence corresponding to a function,the associated polynomial of the sequence,the cyclotomic polynomial and the discrete Fourier transform in the complex filed,the Fourier spectral characterization of the correlation immunity of functions over F_p is derived.Compared with the Walsh spectral characterization method,the Fourier spectral characterization only needs to calculate the Fourier spectrum value at a specific point.This characterization method is particularly suitable for symmetric functions.Only one point instead of multiple points is needed to calculate the Fourier spectrum,which reduces the computational complexity effectively.The Fourier spectral characterization is also given for the resilient functions(balanced correlation-immune functions).Note that the Fourier spectral characterization of the correlation immune function over F₂ can be regarded as a special case of the characterization of the correlation-immune functions over F_p.2.Multi-output correlation-immune Boolean functions have important applications in both stream ciphers and block ciphers.In stream cipher,the generation speed of key stream will be improved;in block cipher,the huge system overhead brought by the strategy of resisting side-channel attacks will be reduced.This dissertation presents three new methods to characterize the correlation immunity of multi-output Boolean functions.There are some different representation methods for multi-output Boolean functions to adapt to the research of different application scenarios.For example,multi-output Boolean functions are usually represented by trace functions when we study the functions in finite fields.The core idea of the first two methods in this dissertation is to use a generalized Boolean function to represent a multi-output Boolean function,so as to obtain new Walsh spectral characterization and discrete Fourier spectrum characterization in complex filed.Among them,the discrete Fourier spectrum characterization method is particularly suitable for symmetric functions,which will reduce the computational complexity.The third characterization method is to represent a multi-output Boolean function with its component functions,so the study of a multi-output Boolean function is transformed into the study of its component functions.This dissertation gives the discrete Fourier spectrum characterization under this representation method.3.The generalized bent function is a generalized Boolean function with optimal nonlinearity.It inherits many characteristics of the bent function.This dissertation shows a class of generalized quadratic bent functions.This class of generalized quadratic bent functions is exactly contained in the functions corresponding to the quaternary standard Golay sequences.Therefore,another significance of this work is to establish the relationship between quaternary standard Golay sequences and generalized bent functions in order to provide a new idea to solve an open problem in sequence design.This work proves that quaternary Golay sequences can only be constructed from generalized Boolean functions satisfying spectral values given in this dissertation.On the other hand,constructions of new quaternary Golay sequences may help us find new generalized Boolean functions with specific spectrum,such as generalized bent functions.4.S-box is the core component or operation of block cipher,which provides the confusion for cryptographic systems.This dissertation constructs S-boxes with good cryptographic properties based on cellular automata.Those cryptographic properties include balance,algebraic degree,nonlinearity,differential uniformity,boomerang uniformity and so on.Both traditional block ciphers and lightweight block ciphers used in the Internet of Things(IoT)are vulnerable to fault injection attacks.This dissertation designs the S-boxes with 8-bit input and 8-bit output based on cellular automata,which can check two-byte errors and correct one-byte error.Consequently the S-box can automatically repair the error and ensure the correct ciphertext output,so that the fault injection attack is invalid.Although some redundant computation is introduced,the cryptographic device will not stop working and will resist the double faults attack.At the same time,the S-box based on cellular automata is more efficient in hardware implementation.