Abstract
Many block ciphers use permutations defined over the finite field F22k with low differential uniformity, high nonlinearity, and high algebraic degree to provide confusion. Due to the lack of knowledge about the existence of almost perfect nonlinear (APN) permutations over F22k, which have lowest possible differential uniformity, when k > 3, constructions of differentially 4-uniform permutations are usually considered. However, it is also very difficult to construct such permutations together with high nonlinearity; there are very few known families of such functions, which can have the best known nonlinearity and a high algebraic degree. At Crypto’16, Perrin et al. introduced a structure named butterfly, which leads to permutations over F22k with differential uniformity at most 4 and very high algebraic degree when k is odd. It is posed as an open problem in Perrin et al.’s paper and solved by Canteaut et al. that the nonlinearity is equal to 22k−1−2k. In this paper, we extend Perrin et al.’s work and study the functions constructed from butterflies with exponent e = 2i + 1. It turns out that these functions over F22k with odd k have differential uniformity at most 4 and algebraic degree k +1. Moreover, we prove that for any integer i and odd k such that gcd(i, k) = 1, the nonlinearity equality holds, which also gives another solution to the open problem proposed by Perrin et al. This greatly expands the list of differentially 4-uniform permutations with good nonlinearity and hence provides more candidates for the design of block ciphers.
Highlights
In block ciphers nonlinear functions over finite fields are usually used as substitution boxes (S-boxes) to provide confusion
In order to resist various kinds of cryptographical attacks, S-boxes used in block ciphers should possess, for example, low differential uniformity, and high nonlinearity
We study the functions constructed from butterflies with exponent e = 2i + 1 and prove that these functions have differential uniformity at most 4 and their algebraic degree are k + 1 when n = 2k for k odd
Summary
In block ciphers nonlinear functions over finite fields are usually used as substitution boxes (S-boxes) to provide confusion. We can see that the list of differentially 4-uniform permutations with the best known nonlinearity and high algebraic degree over the fields of even extension degree is still limited. In [CDP17], Canteaut et al generalise the family of butterflies, and showed that when e = 3, the generalised butterflies have differential uniformity exactly 4 with one exception which is affine equivalent to the Dillon’s APN permutation They prove that this family functions have the best known nonlinearity and give their algebraic degree. In [LW14b], Li and Wang proposed a construction from 3-round Feistel structure, which is a particular case of the butterfly with trivial coefficient 1 They proved that these functions have differential uniformity 4 and algebraic degree k.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
