Sainte-Foy-lès-Lyon, France

Carlet C.,Universities of Paris 8 and Paris 13
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2015

The choice of functions $S: \mathbb{F}_2^n \to \mathbb{F}_2^m$ to be used as substitution boxes (S-boxes), which must be fast to implement and must contribute to resisting attacks, is a crucial question for the design of block ciphers. We summarize the state of the art in this domain, also considering the case $m < n$, which has been less studied. We also recall the method for protecting block ciphers against side channel attacks (SCA) by masking, and how the S-boxes can be processed in order to ensure this protection. We state a related open problem, also interesting for its own sake. Finally, we see how Boolean functions, vectorial functions and error correcting codes can be used in different ways for reducing the cost of masking while keeping the same resistance to some SCA, and also for allowing resistance to fault injection attacks (FIA). © Springer International Publishing Switzerland 2015.
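The abstract above refers to "how the S-boxes can be processed" so that a masked block cipher stays correct. The following added example (written for this page; it is not code from the paper or from any cipher implementation) shows the simplest such processing, first-order Boolean masking with table recomputation: the secret x exists only as two shares (x ^ m_in, m_in), the S-box table is rebuilt so that it maps the masked input to a masked output, and the shares are never recombined except in the correctness check. The 4-bit PRESENT S-box is used only as a concrete table; any S-box works the same way.

```python
import os

# 4-bit S-box of the PRESENT block cipher, used here as a concrete S: F_2^4 -> F_2^4.
# Any S-box table works the same way; nothing below depends on its structure.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
N = 4  # input/output width of SBOX


def share(x, m):
    """Split the secret x into two Boolean shares (x ^ m, m); x = s0 ^ s1."""
    return (x ^ m, m)


def unshare(shares):
    """Recombine shares (only ever done at the very end, e.g. in a test)."""
    s0, s1 = shares
    return s0 ^ s1


def masked_sbox_table(sbox, m_in, m_out):
    """Recompute the S-box so that it maps masked inputs to masked outputs:
    table[x ^ m_in] == sbox[x] ^ m_out for every x.  Only the masks are
    touched while building it, never the secret x."""
    table = [0] * len(sbox)
    for x, y in enumerate(sbox):
        table[x ^ m_in] = y ^ m_out
    return table


def masked_sbox(sbox, shares, m_out):
    """Apply sbox to a shared value without recombining the shares.
    The masked input share is looked up in the recomputed table; the
    returned pair (table[s0], m_out) is a valid sharing of sbox[x]."""
    s0, m_in = shares
    table = masked_sbox_table(sbox, m_in, m_out)
    return (table[s0], m_out)


def masked_sbox_random(sbox, x):
    """Convenience wrapper: fresh random masks from the OS for one evaluation."""
    mask = len(sbox) - 1  # len(sbox) is a power of two
    m_in = os.urandom(1)[0] & mask
    m_out = os.urandom(1)[0] & mask
    return masked_sbox(sbox, share(x, m_in), m_out)


def masking_is_correct(sbox):
    """Exhaustive check: for every secret and every pair of masks the shares
    recombine to sbox[x]."""
    size = len(sbox)
    return all(
        unshare(masked_sbox(sbox, share(x, m_in), m_out)) == sbox[x]
        for x in range(size) for m_in in range(size) for m_out in range(size)
    )


def output_share_histogram(sbox, x):
    """How often each value of the first output share occurs for a fixed
    secret x, over all mask pairs.  A flat histogram means the share on its
    own is statistically independent of x (first-order security of the
    value; the table recomputation itself still has to be done carefully)."""
    size = len(sbox)
    hist = [0] * size
    for m_in in range(size):
        for m_out in range(size):
            s0, _ = masked_sbox(sbox, share(x, m_in), m_out)
            hist[s0] += 1
    return hist


if __name__ == "__main__":
    print("correct for all inputs and masks:", masking_is_correct(SBOX))
    print("histogram of first output share for x=7:", output_share_histogram(SBOX, 7))
    print("one random evaluation of S(7):", masked_sbox_random(SBOX, 7))
```

Each evaluation rewrites all 2^n table entries, and higher-order masking multiplies that work further; this per-evaluation cost is exactly what the abstract's later point, using codes and Boolean functions to reduce the cost of masking, is about.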


Carlet C.,Universities of Paris 8 and Paris 13 | Gaborit P.,University of Limoges | Kim J.-L.,Sogang University | Sole P.,French National Center for Scientific Research | Sole P.,King Abdulaziz University
IEEE Transactions on Information Theory | Year: 2012

We introduce a new class of rate one-half binary codes: complementary information set codes. A binary linear code of length 2n and dimension n is called a complementary information set code (CIS code for short) if it has two disjoint information sets. This class of codes contains self-dual codes as a subclass. It is connected to graph correlation immune vectorial Boolean functions, of use in the security of hardware implementations of cryptographic primitives. Such codes make it possible to reduce the cost of masking cryptographic algorithms against side channel attacks. In this paper, we investigate this new class of codes: we give optimal or best known CIS codes of length < 132. We derive general constructions based on cyclic codes and on double circulant codes. We derive a Varshamov-Gilbert bound for long CIS codes, and show that they can all be classified in small lengths ≤ 12 by the building-up construction. Some nonlinear permutations are constructed by using $\mathbb{Z}_4$-codes, based on the notion of dual distance of a possibly nonlinear code. © 1963-2012 IEEE.
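The CIS definition above can be checked directly from a generator matrix: a set of n coordinates is an information set exactly when the corresponding n columns are linearly independent over GF(2), and in a [2n, n] code two disjoint information sets are necessarily complements of each other. The added example below (written for this page, not taken from the paper) implements that check by brute force, which is adequate for small lengths, and also checks the self-duality property that explains why self-dual codes are CIS: the complement of an information set of C is an information set of the dual code, and for a self-dual code the dual is C itself. The extended Hamming [8, 4, 4] code is a standard self-dual example; the [4, 2] counterexample is constructed here.

```python
from itertools import combinations


def gf2_rank(rows):
    """Rank over GF(2) of a matrix given as a list of 0/1 row lists."""
    rows = [list(r) for r in rows]
    rank = 0
    ncols = len(rows[0]) if rows else 0
    for col in range(ncols):
        pivot = next((i for i in range(rank, len(rows)) if rows[i][col]), None)
        if pivot is None:
            continue
        rows[rank], rows[pivot] = rows[pivot], rows[rank]
        for i in range(len(rows)):
            if i != rank and rows[i][col]:
                rows[i] = [a ^ b for a, b in zip(rows[i], rows[rank])]
        rank += 1
    return rank


def is_information_set(G, positions):
    """positions (k coordinates) is an information set of the code generated by
    G (k rows) iff the columns of G at those positions are linearly independent."""
    k = len(G)
    if len(positions) != k:
        return False
    sub = [[row[j] for j in positions] for row in G]
    return gf2_rank(sub) == k


def find_cis_pair(G):
    """For a [2n, n] code return a pair (S, T) of disjoint information sets,
    or None if there is none (then the code is not CIS).  Brute force over the
    n-subsets containing position 0 (S and T are complements, so this visits
    each unordered pair once); fine for the small lengths used here."""
    n, length = len(G), len(G[0])
    if length != 2 * n:
        raise ValueError("a CIS code has length 2n and dimension n")
    for rest in combinations(range(1, length), n - 1):
        S = (0,) + rest
        T = tuple(j for j in range(length) if j not in S)
        if is_information_set(G, S) and is_information_set(G, T):
            return S, T
    return None


def is_self_dual(G):
    """Self-dual: dimension is half the length and all generator rows are
    pairwise orthogonal (including each row with itself) over GF(2)."""
    n, length = len(G), len(G[0])
    if length != 2 * n or gf2_rank(G) != n:
        return False
    return all(sum(a & b for a, b in zip(r1, r2)) % 2 == 0 for r1 in G for r2 in G)


def complements_of_information_sets_are_information_sets(G):
    """The property that makes every self-dual code CIS: the complement of an
    information set of C is an information set of the dual code, which for a
    self-dual code is C itself."""
    n, length = len(G), len(G[0])
    for S in combinations(range(length), n):
        if is_information_set(G, S):
            T = [j for j in range(length) if j not in S]
            if not is_information_set(G, T):
                return False
    return True


# Extended Hamming [8, 4, 4] code in the form [I | A], A = J - I: self-dual, hence CIS.
HAMMING8 = [
    [1, 0, 0, 0, 0, 1, 1, 1],
    [0, 1, 0, 0, 1, 0, 1, 1],
    [0, 0, 1, 0, 1, 1, 0, 1],
    [0, 0, 0, 1, 1, 1, 1, 0],
]

# Constructed counterexample: a [4, 2] code whose only information set is {0, 1}.
NOT_CIS = [
    [1, 0, 0, 0],
    [0, 1, 0, 0],
]

if __name__ == "__main__":
    print("Hamming8 self-dual:", is_self_dual(HAMMING8))
    print("Hamming8 CIS pair:", find_cis_pair(HAMMING8))
    print("complement property:", complements_of_information_sets_are_information_sets(HAMMING8))
    print("NOT_CIS CIS pair:", find_cis_pair(NOT_CIS))
```

For a double circulant generator matrix [I | A] the check collapses to "A is invertible over GF(2)", which is why that construction appears in the abstract; the brute-force search is only needed for codes not given in such a systematic form.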


Carlet C.,Universities of Paris 8 and Paris 13
Designs, Codes, and Cryptography | Year: 2011

We survey the properties of two parameters introduced by C. Ding and the author for quantifying the balancedness of vectorial functions and of their derivatives. We give new results on the distribution of the values of the first parameter when applied to F + L, where F is a fixed function and L ranges over the set of linear functions: we show an upper bound on the nonlinearity of F by means of these values; we then determine the mean of these values and show that their maximum is a nonlinearity parameter as well; and we prove that the variance of these values is directly related to the second parameter. We briefly recall the known constructions of bent vectorial functions and introduce two new classes obtained with Gregor Leander. We show that bent functions can be used to build APN functions by concatenating the outputs of a bent (n, n/2)-function and of some other (n, n/2)-function. We obtain in this way a general infinite class of quadratic APN functions. We show that this class contains the APN trinomials and hexanomials introduced in 2008 by L. Budaghyan and the author, and a class of APN functions introduced, also in 2008, by Bracken et al.; this gives an explanation of the APN-ness of these functions and allows generalizing them. We also obtain in this way the recently found Edel-Pott cubic function. We exhibit a large number of other sub-classes of APN functions. Finally, we design with this same method classes of quadratic and non-quadratic differentially 4-uniform functions. © 2011 Springer Science+Business Media, LLC.
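The abstract above speaks of APN and differentially 4-uniform functions without defining them; both are statements about the differential uniformity delta_F = max over a != 0 and b of #{x : F(x + a) + F(x) = b}, where delta_F = 2 is the APN case (the smallest possible value in characteristic 2). The added example below (written for this page; not code from the paper) computes delta_F exhaustively for power maps on small fields GF(2^n). It goes slightly beyond the text by using the classical Gold map x^3, which is APN for every n, and the inverse map x^(2^n - 2), which is APN for odd n and 4-uniform for even n; the irreducible polynomials are standard choices and the results do not depend on which one is picked.

```python
# Irreducible polynomials defining GF(2^n) for the small n used below
# (bit i of the integer is the coefficient of x^i).
IRREDUCIBLE = {
    3: 0b1011,        # x^3 + x + 1
    4: 0b10011,       # x^4 + x + 1
    5: 0b100101,      # x^5 + x^2 + 1
    6: 0b1000011,     # x^6 + x + 1
    8: 0b100011011,   # x^8 + x^4 + x^3 + x + 1 (the AES polynomial)
}


def gf_mul(a, b, n):
    """Multiply a and b in GF(2^n) (carry-less multiply with modular reduction)."""
    mod = IRREDUCIBLE[n]
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a >> n:
            a ^= mod
    return r


def gf_pow(a, e, n):
    """a^e in GF(2^n) by square-and-multiply; 0^e = 0 for e > 0."""
    r = 1
    while e:
        if e & 1:
            r = gf_mul(r, a, n)
        a = gf_mul(a, a, n)
        e >>= 1
    return r


def power_map(e, n):
    """Look-up table of the (n, n)-function x -> x^e on GF(2^n)."""
    return [gf_pow(x, e, n) for x in range(1 << n)]


def differential_spectrum(F, n):
    """Histogram of the counts #{x : F(x ^ a) ^ F(x) == b} over all a != 0 and
    all b, returned as a dict count -> number of (a, b) pairs with that count."""
    size = 1 << n
    spectrum = {}
    for a in range(1, size):
        counts = [0] * size
        for x in range(size):
            counts[F[x] ^ F[x ^ a]] += 1
        for c in counts:
            spectrum[c] = spectrum.get(c, 0) + 1
    return spectrum


def differential_uniformity(F, n):
    """delta_F = max_{a != 0, b} #{x : F(x ^ a) ^ F(x) == b}; delta_F == 2 means APN."""
    return max(differential_spectrum(F, n))


def is_apn(F, n):
    return differential_uniformity(F, n) == 2


if __name__ == "__main__":
    for n in (4, 5, 6, 8):
        gold = power_map(3, n)                # x^3 = x^(2^1 + 1), gcd(1, n) = 1: APN for every n
        inverse = power_map((1 << n) - 2, n)  # x^(2^n - 2) = x^-1 (with 0 -> 0)
        print(f"n={n}: delta(x^3)={differential_uniformity(gold, n)}, "
              f"delta(x^-1)={differential_uniformity(inverse, n)}")
```

The same function accepts any look-up table, so a candidate S-box from the concatenation construction in the abstract can be dropped in unchanged; for n = 8 the exhaustive count is 255 * 256 derivative evaluations, which is instantaneous, and the cost only becomes an issue well beyond the S-box sizes used in block ciphers.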


Tang D.,Southwest Jiaotong University | Tang D.,Universities of Paris 8 and Paris 13 | Tang D.,Paris 8 University | Carlet C.,Universities of Paris 8 and Paris 13 | And 2 more authors.
International Journal of Foundations of Computer Science | Year: 2014

Recently, Tang, Carlet and Tang presented a combinatorial conjecture about binary strings, which made it possible to prove that all balanced functions in some infinite class they introduced have optimal algebraic immunity. Later, Cohen and Flori completely proved that the conjecture is true. These functions have good (provable or at least observable) cryptographic properties, but they are not 1-resilient, which represents a drawback for their use as filter functions in stream ciphers. We propose a construction of an infinite class of 1-resilient Boolean functions with optimal algebraic immunity by modifying the functions in this class. The constructed functions have optimal algebraic degree, that is, they meet the Siegenthaler bound, and high nonlinearity. We prove a lower bound on their nonlinearity, but as for the Carlet-Feng functions and for the functions mentioned above, this bound is not enough for ensuring a nonlinearity sufficient for allowing resistance to the fast correlation attack. Nevertheless, as for previously found functions with the same features, there is a gap between the bound that we can prove and the actual values computed for small numbers of variables. Our computations show that the functions in this class have very good nonlinearity and also good immunity to fast algebraic attacks. This is the first time that an infinite class of functions gathers all of the main criteria allowing these functions to be used as filters in stream ciphers. © World Scientific Publishing Company.
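Most of the criteria named in the abstract above (balancedness, resiliency order, nonlinearity, algebraic degree and the Siegenthaler bound that ties degree to resiliency) can be read off the Walsh spectrum and the algebraic normal form of a Boolean function. The added example below (written for this page; it is not code from the paper and does not reproduce its construction) computes them with a fast Walsh-Hadamard transform and a Moebius transform, then checks the Siegenthaler bound deg(f) <= n - m - 1 for an m-resilient function. Algebraic immunity, the paper's central parameter, needs a rank computation over annihilators and is deliberately left out. The two 5-variable functions are constructed here as illustrations: x1 x2 + x3 + x4 + x5 is 2-resilient and meets the bound, while x1 x2 + x3 x4 + x5 is balanced with higher nonlinearity but is correlated with x5 and so is not even 1-resilient, the same drawback the abstract describes.

```python
def truth_table(f, n):
    """Truth table of f: {0,1}^n -> {0,1}; the input x is an integer whose bit i-1 is x_i."""
    return [f(x) & 1 for x in range(1 << n)]


def walsh_spectrum(tt):
    """W_f(a) = sum_x (-1)^(f(x) + a.x) for every a, via the fast Walsh-Hadamard transform."""
    w = [1 - 2 * b for b in tt]
    h = 1
    while h < len(w):
        for i in range(0, len(w), 2 * h):
            for j in range(i, i + h):
                u, v = w[j], w[j + h]
                w[j], w[j + h] = u + v, u - v
        h *= 2
    return w


def nonlinearity(tt, n):
    """Distance to the nearest affine function: 2^(n-1) - max_a |W_f(a)| / 2."""
    return (1 << (n - 1)) - max(abs(w) for w in walsh_spectrum(tt)) // 2


def resiliency_order(tt, n):
    """Largest m with W_f(a) = 0 for all a of Hamming weight <= m.
    m = 0 means balanced but not correlation-immune; -1 means unbalanced."""
    w = walsh_spectrum(tt)
    order = -1
    for weight in range(n + 1):
        if any(w[a] != 0 for a in range(1 << n) if bin(a).count("1") == weight):
            break
        order = weight
    return order


def algebraic_degree(tt, n):
    """Degree of the algebraic normal form, obtained by the Moebius transform
    (constant functions, including the zero function, are reported as degree 0)."""
    anf = list(tt)
    h = 1
    while h < len(anf):
        for i in range(0, len(anf), 2 * h):
            for j in range(i, i + h):
                anf[j + h] ^= anf[j]
        h *= 2
    return max((bin(u).count("1") for u in range(1 << n) if anf[u]), default=0)


def siegenthaler_bound(n, m):
    """Upper bound on the degree of an m-resilient n-variable function:
    n - m - 1 for m <= n - 2 (an (n-1)-resilient function is affine, degree 1)."""
    return n - m - 1 if m <= n - 2 else 1


def profile(f, n):
    """The filter-function criteria discussed in the text, except algebraic immunity."""
    tt = truth_table(f, n)
    m = resiliency_order(tt, n)
    d = algebraic_degree(tt, n)
    return {
        "balanced": m >= 0,
        "resiliency": m,
        "degree": d,
        "nonlinearity": nonlinearity(tt, n),
        "meets_siegenthaler_bound": m >= 0 and d == siegenthaler_bound(n, m),
    }


def bit(x, i):
    """x_i, 1-indexed."""
    return (x >> (i - 1)) & 1


# Constructed examples on n = 5 variables (not functions from the paper).
def f_resilient(x):
    """x1 x2 + x3 + x4 + x5: 2-resilient, degree 2 = 5 - 2 - 1, so it meets Siegenthaler."""
    return (bit(x, 1) & bit(x, 2)) ^ bit(x, 3) ^ bit(x, 4) ^ bit(x, 5)


def f_bent_plus_linear(x):
    """x1 x2 + x3 x4 + x5: balanced and more nonlinear, but correlated with x5 (not 1-resilient)."""
    return (bit(x, 1) & bit(x, 2)) ^ (bit(x, 3) & bit(x, 4)) ^ bit(x, 5)


if __name__ == "__main__":
    print("x1x2 + x3 + x4 + x5:", profile(f_resilient, 5))
    print("x1x2 + x3x4 + x5:  ", profile(f_bent_plus_linear, 5))
```

The two profiles show the trade-off the abstract is about: the linear terms that buy resiliency cost nonlinearity (8 versus 12 here), and the Siegenthaler bound caps the degree of any m-resilient function, so a construction that achieves resiliency, optimal degree and high nonlinearity at once is what makes a function usable as a filter.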
