Generic Hardware Private Circuits

Author(s):  
David Knichel ◽  
Pascal Sasdrich ◽  
Amir Moradi

With an increasing number of mobile devices and their high accessibility, protecting the implementation of cryptographic functions in the presence of physical adversaries has become more relevant than ever. Over the last decade, a lion’s share of research in this area has been dedicated to developing countermeasures at an algorithmic level. Here, masking has proven to be a promising approach due to the possibility of formally proving the implementation’s security solely based on its algorithmic description by elegantly modeling the circuit behavior. Theoretically verifying the security of masked circuits becomes more and more challenging with increasing circuit complexity. This motivated the introduction of security notions that enable masking of single gates while still guaranteeing the security when the masked gates are composed. Systematic approaches to generate these masked gates – commonly referred to as gadgets – were restricted to very simple gates like 2-input AND gates. Simply substituting such small gates by a secure gadget usually leads to a large overhead in terms of fresh randomness and additional latency (register stages) being introduced to the design. In this work, we address these problems by presenting a generic framework to construct trivially composable and secure hardware gadgets for arbitrary vectorial Boolean functions, enabling the transformation of much larger sub-circuits into gadgets. In particular, we present a design methodology to generate first-order secure masked gadgets which is well-suited for integration into existing Electronic Design Automation (EDA) tools for automated hardware masking as only the Boolean function expression is required. Furthermore, we practically verify our findings by conducting several case studies and show that our methodology outperforms various other masking schemes in terms of introduced latency or fresh randomness – especially for large circuits.

2017 ◽  
Author(s):  
Sankhanil Dey ◽  
Ranjan Ghosh

US defence sponsored the DES program in 1974 and released it in 1977. It remained a well-known and well-accepted block cipher until 1998. Thirty-two 4-bit DES S-Boxes are grouped into eight sets of four and were put in the public domain without any mention of their design methodology. S-Boxes, whether 4-bit, 8-bit or 32-bit, find a permanent seat in all future block ciphers. In this paper, while looking into the design methodology of DES S-Boxes, we find that the S-Boxes have 128 balanced and non-linear Boolean Functions, of which 102 are used once and 13 are used twice, and 92 of the 102 satisfy the Boolean Function-level Strict Avalanche Criterion (SAC). All the S-Boxes satisfy the Bit Independence Criterion (BIC). Their Differential Cryptanalysis (DC) exhibits better results than the Linear Cryptanalysis (LC). However, no S-Boxes satisfy the S-Box-level SAC analyses. It seems that the designer emphasized satisfaction of Boolean-Function-level SAC and S-Box-level BIC and DC, not the S-Box-level LC and SAC.


2017 ◽  
Vol 2017 ◽  
pp. 1-9 ◽  
Author(s):  
Gang Han ◽  
Yu Yu ◽  
Xiangxue Li ◽  
Qifeng Zhou ◽  
Dong Zheng ◽  
...  

Several factors (e.g., balancedness, good correlation immunity) are considered important properties of Boolean functions for use in cryptographic primitives. A Boolean function is perfect algebraic immune if it has perfect immunity against algebraic and fast algebraic attacks. There is an increasing interest in the construction of Boolean functions that are perfect algebraic immune combined with other characteristics, like resiliency. A resilient function is a balanced correlation-immune function. This paper uses the bivariate representation of Boolean functions and the theory of finite fields to construct a generalized and new class of Boolean functions on an even number of variables by extending the Carlet-Feng functions. We show that the functions generated by this construction support the cryptographic properties of 1-resiliency and (sub)optimal algebraic immunity, and further propose a sufficient condition for achieving optimal algebraic immunity. Compared experimentally with Carlet-Feng functions and the functions constructed by the method of first-order concatenation existing in the literature on even (from 6 to 16) numbers of variables, these functions have better immunity against fast algebraic attacks. Implementation results also show that they are almost perfect algebraic immune functions.


2011 ◽  
Vol 22 (06) ◽  
pp. 1259-1269 ◽  
Author(s):  
CLAUDE CARLET

The nonlinearity profile of Boolean functions is a generalization of the most important cryptographic criterion, called the (first order) nonlinearity. It is defined as the sequence of the minimum Hamming distances $nl_r(f)$ between a given Boolean function $f$ and all Boolean functions in the same number of variables and of degree at most $r$, for $r \geq 1$. This parameter, which has a close relationship with the Gowers norm, quantifies the resistance to cryptanalyses by low degree approximations of stream ciphers using the Boolean function $f$ as combiner or as filter. The nonlinearity profile can also be defined for vectorial functions: it is the sequence of the minimum Hamming distances between the component functions of the vectorial function and all Boolean functions of degree at most $r$, for $r \geq 1$. The nonlinearity profile of the multiplicative inverse functions has been lower bounded in a previous paper by the same author. No other example of an infinite class of functions with unbounded nonlinearity profile has been exhibited since then. In this paper, we lower bound the whole nonlinearity profile of the (simplest) Dillon bent function $(x,y) \mapsto xy^{2^{n/2}-2}$, $x, y \in \mathbb{F}_{2^{n/2}}$, and we exhibit another class of functions, for which bounding the whole profile of each of them comes down to bounding the first order nonlinearities of all functions.



2017 ◽  
Vol 27 (2) ◽  
Author(s):  
Stanislav V. Smyshlyaev

The paper is concerned with relations between the correlation-immunity (stability) and the perfect balancedness of Boolean functions. It is shown that an arbitrary perfectly balanced Boolean function fails to satisfy a certain property that is weaker than 1-stability. This result refutes some assertions by Markus Dichtl. On the other hand, we present new results on barriers of perfectly balanced Boolean functions which show that any perfectly balanced function such that the sum of the lengths of its barriers is smaller than the number of variables is 1-stable.


2016 ◽  
Vol 26 (01) ◽  
pp. 1650004 ◽  
Author(s):  
Benny Applebaum ◽  
Dariusz R. Kowalski ◽  
Boaz Patt-Shamir ◽  
Adi Rosén

We consider a message passing model with $n$ nodes, each connected to all other nodes by a link that can deliver a message of $B$ bits in a time unit (typically, $B = O(\log n)$). We assume that each node has an input of size $L$ bits (typically, $L = O(n \log n)$) and the nodes cooperate in order to compute some function (i.e., perform a distributed task). We are interested in the number of rounds required to compute the function. We give two results regarding this model. First, we show that most Boolean functions require $\lceil L/B \rceil - 1$ rounds to compute deterministically, and that even if we consider randomized protocols that are allowed to err, the expected running time remains [Formula: see text] for most Boolean functions. Second, trying to find explicit functions that require superconstant time, we consider the pointer chasing problem. In this problem, each node $i$ is given an array $A_i$ of length $n$ whose entries are in $[n]$, and the task is to find, for any [Formula: see text], the value of [Formula: see text]. We give a deterministic $O(\log n / \log \log n)$ round protocol for this function using message size $B = O(\log n)$, a slight but non-trivial improvement over the $O(\log n)$ bound provided by standard “pointer doubling.” The question of an explicit function (or functionality) that requires a superconstant number of rounds in this setting remains, however, open.


2020 ◽  
Vol 30 (2) ◽  
pp. 103-116 ◽  
Author(s):  
Kirill A. Popkov

We prove that, for n ⩾ 2, any n-place Boolean function may be implemented by a two-pole contact circuit which is irredundant and allows a diagnostic test with length not exceeding n + k(n − 2) under at most k contact breaks. It is shown that with k = k(n) ⩽ 2n−4, for almost all n-place Boolean functions, the least possible length of such a test is at most 2k + 2.


2015 ◽  
pp. 435-452
Author(s):  
Andris Ambainis ◽  
Jozef Gruska ◽  
Shenggen Zheng

It has been proved that almost all n-bit Boolean functions have exact classical query complexity n. However, the situation seemed to be very different when we deal with exact quantum query complexity. In this paper, we prove that almost all n-bit Boolean functions can be computed by an exact quantum algorithm with less than n queries. More exactly, we prove that ANDn is the only n-bit Boolean function, up to isomorphism, that requires n queries.


2021 ◽  
Vol 16 (1) ◽  
pp. 1-13
Author(s):  
Yu Zhou ◽  
Jianyong Hu ◽  
Xudong Miao ◽  
Yu Han ◽  
Fuzhong Zhang

The notion of the confusion coefficient is a property that attempts to characterize the confusion property of cryptographic algorithms against differential power analysis. In this article, we establish a relationship between the confusion coefficient and the autocorrelation function for any Boolean function and give a tight upper bound and a tight lower bound on the confusion coefficient for any (balanced) Boolean function. We also deduce some deep relationships between the sum-of-squares of the confusion coefficient and other cryptographic indicators (the sum-of-squares indicator, Hamming weight, algebraic immunity and correlation immunity), respectively. Moreover, we obtain some trade-offs among the sum-of-squares of the confusion coefficient, the signal-to-noise ratio and the redefined transparency order for a Boolean function.

