摘要
基于元胞自动机的S盒具有实现代价低、安全性能好等优点,广泛应用于Keccak等密码算法中.关杰等提出了一类新的基于元胞自动机的S盒,并指出该类S盒比Keccak类S盒差分性质更好.本文研究了这类S盒的线性性质,解决了这类S盒的Walsh谱分布规律问题,证明了这类S盒的非平凡相关优势只可能取到2^(-k),其中k∈Z且0≤k≤[2^(-1)n],并且对于每一个k,都存在相应的掩码对使得相关优势等于2^(-k),给出了相关优势取到2^(-1)时的充要条件及掩码对的计数,给出了规模为5时非平凡相关优势取到最小值的充要条件,指出这类S盒的线性性质优于Keccak类S盒.
S-boxes based on cellular automata have low implementation cost and well security performance,and are widely used in Keccak and other cryptographic algorithms.A new S-box based on cellular automata was proposed by Guan,which has better difference properties than Keccak S-box.This paper analyzes the linear properties of this kind of S-boxes,and solves the Walsh spectral distribution problem.It is proved that,the nontrivial correlation advantage of this kind of S-boxes must be 2^(-k),where k∈Z,0≤k≤[2^(-1)n],and for each k,there are corresponding mask pairs such that the correlation advantage is 2^(-k).Some sufficient and necessary conditions for the correlation advantage to reach 2^(-1)and the number of mask pairs are given,and some necessary and sufficient conditions for getting the minimum value of the nontrivial correlation advantage are given when the size is 5.It is pointed out that,the linear properties of this kind of S-boxes are better than those of Keccak-like S-boxes.
作者
关杰
卢健伟
刘帅
GUAN Jie;LU Jian-Wei;LIU Shuai(Strategic Support Force Information Engineering University,Zhengzhou 450001,China)
出处
《密码学报》
CSCD
2021年第4期650-659,共10页
Journal of Cryptologic Research
基金
国家自然科学基金(61572516)。
关键词
元胞自动机
S盒
线性性质
哈希函数
cellular automata
S-box
linear property
hash function
