Enhanced Boolean functions suitable for the filter model of pseudo-random generator

Abstract

The filter model of pseudo-random generator (in stream ciphers) is currently the only one for which are known infinite classes of Boolean functions allowing to resist all the main known attacks. The combiner model, which is another possible way of using Boolean functions, requires the same properties as the filter model does, plus one extra criterion the Boolean function must fulfil: high order resiliency. No construction of functions is known which ensures all criteria for the combiner model, even if resiliency is taken in a weakened form, while such constructions are known for the filter model. But nonlinear functions used in this model must be in the particular form $$x_n+f(x_1,\dots ,x_{n-1})$$xn+f(x1,?,xn-1) to allow resistance to the distinguishing attacks for any choice of the tapping sequence. Much work has been done to construct and study Boolean functions allowing resistance to the main known attacks (the Berlekamp---Massey and ROnjom---Helleseth attacks, fast correlation attacks, algebraic attacks and fast algebraic attacks) on stream ciphers using the filter model. None of the found functions has the desired form above. Of course, we can take a function in $$n-1$$n-1 variables and add the extra variable $$x_n$$xn in order to obtain the desired form, but the algebraic immunity of the resulting function can be either equal to that of the original function $$f$$f (and it cannot then be optimal if $$n$$n is odd) or larger by 1. An increasement by 1 considerably impacts the complexity of algebraic attacks. Moreover, taking the best known constructions of functions and adapting them to the desired form result on functions which no longer ensure the best possible algebraic degree. This represents a gap in the research for Boolean functions usable in the filter model. In this paper we study the behavior of the cryptographic characteristics of a function when it is modified into the desired form and we study constructions of functions ensuring an optimal or almost-optimal tradeoff between all the necessary features in this form.