Vectorial functions (i.e. mappings from F_2^n into F_2^m, also called S-boxes) can be used in pseudo-random generators with multiple outputs. The notion of maximum correlation of these S-boxes to linear functions, introduced by Zhang and Chan, plays a central role in the resistance of the resulting stream ciphers to correlation attacks. It can be related to a notion of "unrestricted nonlinearity". We obtain a new lower bound on the overall maximum correlation to linear functions of vectorial functions, which results in an upper bound on the unrestricted nonlinearity. We compare it with the known upper bounds on the nonlinearity (which are also valid for the unrestricted nonlinearity of balanced functions). We study its tightness and we exhibit a class of balanced functions whose nonlinearity and unrestricted nonlinearity are high relative to the upper bounds.