For cryptographic purposes, we generally study the characteristics of a Boolean function in n-variables with the inherent assumption that each of the n-bit inputs take the value 0 or 1, independently and randomly with probability 1 / 2. However, in the context of the FLIP stream cipher proposed by Méaux et al. (Eurocrypt 2016), this type of analysis warrants a different approach. To this end, Carlet et al. (IACR Trans. Symm. Crypto. 2018) recently presented a detailed analysis of Boolean functions with restricted inputs (mostly considering inputs with weight (Formula Presented)) and provided certain bounds on linear approximation, which are related to restricted nonlinearity. The Boolean function used in the FLIP cipher reveals that it is actually a direct sum of several Boolean functions on a small number of inputs. Thus, with a different approach, we start a study in order to understand how the inputs to the composite function are distributed on the smaller functions. In this direction, we obtain several results that summarize the exact biases related to such Boolean functions. Finally, for the nonlinear filter function of FLIP, we obtain the lower bound on the restricted Walsh–Hadamard transform (i.e., upper bound on restricted nonlinearity). Our techniques provide a general theoretical framework to study such functions and better than previously published estimations of the biases, which is directly linked to the security parameters of the stream cipher.
CITATION STYLE
Maitra, S., Mandal, B., Martinsen, T., Roy, D., & Stănică, P. (2018). Tools in analyzing linear approximation for boolean functions related to FLIP. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11356 LNCS, pp. 282–303). Springer Verlag. https://doi.org/10.1007/978-3-030-05378-9_16
Mendeley helps you to discover research relevant for your work.