Abstract
S-boxes having large number of linearly independent multivariate biaffine or quadratic equations may be susceptible to certain kinds of algebraic attacks. In a 2009 IEEE-IT paper, Nawaz et al. provided a polynomial time algorithm to compute the number of such equations for finding S-boxes based on power mapping. Finding actual equations in polynomial time was still open. In this paper, techniques for finding a maximal set of linearly independent biaffine and quadratic equations are developed for S-boxes based on power mappings. Two algorithms to calculate the biaffine and quadratic equations for any (n, n) S-box based on power mapping are presented. The time complexity of both the algorithms is O(n 6 ).
| Original language | English |
|---|---|
| Pages (from-to) | 2200-2209 |
| Number of pages | 10 |
| Journal | IEEE Transactions on Information Theory |
| Volume | 61 |
| Issue number | 4 |
| Early online date | 31 Dec 2014 |
| DOIs | |
| Publication status | Published - 01 Apr 2015 |
| Externally published | Yes |