Asymmetric cryptography with S-Boxes
Abstract
In [12], T. Matsumoto and H. Imai designed an asymmetric cryptosystem, called C∗, for authentication, encryption and signature. This C∗ scheme was broken in [13] due to unexpected algebraic properties. In this paper, we study some new “candidate” asymmetric cryptosystems based on the idea of hiding one or two rounds of small S-box computations with secret functions of degree one or two. The public key is given by multivariate polynomials of small degree. The C∗ scheme (when its n_i values are small) can be seen as a very special case of these schemes, but in the new schemes, the algebraic properties of [13] generally do not exist, so that completely different cryptanalytic ideas have to be found. We study the efficiency of classical cryptanalysis (such as differential cryptanalysis), and we also present completely new cryptanalytic tools (such as “gradient cryptanalysis”). With these cryptanalyses, most of the “new” algorithms can be broken, and we deduce some very different cryptanalyses of C∗. Moreover, our cryptanalysis and the cryptanalysis of [13] can also be combined in order to compute a cleartext from a ciphertext faster, and to find more information on the secret key. Thus one of the interests of the paper is to improve the cryptanalysis of C∗. However, we were not able to find a cryptanalysis of all the new schemes. More precisely, when one round of secret quadratic functions is combined with one round of S-boxes, or when two rounds of S-boxes are carefully hidden by affine functions, the security of these schemes is surprisingly still an open problem. Another interest of the paper lies therefore in the highlighting of these new schemes. The main practical advantage of these schemes is that secret computations are easy and can be performed in low-cost smartcards.
Similar resources
Practical Bijective S-box Design
Vectorial Boolean functions are usually called Substitution Boxes (S-Boxes) and are used as a basic component of block ciphers in cryptography. The ciphers that are substitution-permutation networks use bijective S-Boxes, i.e., Boolean permutations. S-Boxes with low differential uniformity and high nonlinearity are considered cryptographically strong. In this paper we study some properties of S...
Designing cryptographically strong S-boxes with the use of cellular automata
Block ciphers are widely used in modern cryptography. Substitution boxes (S–boxes) are main elements of these types of ciphers. In this paper we propose a new method to create S–boxes, which is based on application of Cellular Automata (CA). We present the results of testing CA-based S–boxes. These results confirm that CA are able to realize efficiently the Boolean function corresponding to cla...
Knowledge-based Schema for S-box Design
In cryptography, a Substitution box (S-box) is one of the basic components of symmetric key cryptography. Generally, it transforms a number of m input bits into n output bits. In this paper, the cryptographic properties of S-boxes are presented and a knowledge-based schema for building S-boxes is introduced.
Designing S-boxes through Evolutionary Computation
Substitution boxes (S-boxes) are of major importance in cryptography as they are used to provide the property of confusion to the corresponding cryptosystem. Thus, a great amount of research is devoted to their study. In this contribution, a new methodology for designing strong S-boxes is studied and two Evolutionary Computation methods, the Particle Swarm Optimization and the Differential Evol...