Design of Stream Ciphers and Cryptographic Properties of Nonlinear Functions

Block and stream ciphers are widely used to protect the privacy of digital informa-tion. A variety of attacks against block and stream ciphers exist; the most recentbeing the algebraic attacks. These attacks reduce the cipher to a simple algebraicsystem which can be solved by known algebraic techniques. These attacks havebeen very successful against a variety of stream ciphers and major efforts (for ex-ample eSTREAM project) are underway to design and analyze new stream ciphers.These attacks have also raised some concerns about the security of popular blockciphers. In this thesis, apart from designing new stream ciphers, we focus on ana-lyzing popular nonlinear transformations (Boolean functions and S-boxes) used inblock and stream ciphers for various cryptographic properties, in particular theirresistance against algebraic attacks. The main contribution of this work is the de-sign of two new stream ciphers and a thorough analysis of the algebraic immunityof Boolean functions and S-boxes based on power mappings.First we present WG, a family of new stream ciphers designed to obtain akeystream with guaranteed randomness properties. We show how to obtain a math-ematical description of a WG stream cipher for the desired randomness propertiesand security level, and then how to translate this description into a practical hard-ware design. Next we describe the design of a new RC4-like stream cipher suitablefor high speed software applications. The design is compared with original RC4stream cipher for both security and speed.The second part of this thesis closely examines the algebraic immunity of Booleanfunctions and S-boxes based on power mappings. We derive meaningful upperbounds on the algebraic immunity of cryptographically significant Boolean powerfunctions and show that for large input sizes these functions have very low al-gebraic immunity. To analyze the algebraic immunity of S-boxes based on powermappings, we focus on calculating the bi-affine and quadratic equations they satisfy.We present two very efficient algorithms for this purpose and give new S-box con-structions that guarantee zero bi-affine and quadratic equations. We also examinethese S-boxes for their resistance against linear and differential attacks and provide