On the Boomerang Uniformity of Cryptographic Sboxes - Archive ouverte HAL Access content directly
Journal Articles IACR Transactions on Symmetric Cryptology Year : 2018

On the Boomerang Uniformity of Cryptographic Sboxes


The boomerang attack is a cryptanalysis technique against block ciphers which combines two differentials for the upper part and the lower part of the cipher. The dependency between these two differentials then highly affects the complexity of the attack and all its variants. Recently, Cid et al. introduced at Eurocrypt’18 a new tool, called the Boomerang Connectivity Table (BCT) that permits to simplify this complexity analysis, by storing and unifying the different switching probabilities of the cipher’s Sbox in one table. In this seminal paper a brief analysis of the properties of these tables is provided and some open questions are raised. It is being asked in particular whether Sboxes with optimal BCTs exist for even dimensions, where optimal means that the maximal value in the BCT equals the lowest known differential uniformity. When the dimension is even and differs from 6, such optimal Sboxes correspond to permutations such that the maximal value in their DDT and in their BCT equals 4 (unless APN permutations for such dimensions exist). We provide in this work a more in-depth analysis of boomerang connectivity tables, by studying more closely differentially 4-uniform Sboxes. We first completely characterize the BCT of all differentially 4-uniform permutations of 4 bits and then study these objects for some cryptographically relevant families of Sboxes, as the inverse function and quadratic permutations. These two families provide us with the first examples of differentially 4-uniform Sboxes optimal against boomerang attacks for an even number of variables, answering the above open question.
Fichier principal
Vignette du fichier
bct.pdf (593.24 Ko) Télécharger le fichier
Origin : Files produced by the author(s)

Dates and versions

hal-01944598 , version 1 (04-12-2018)



Christina Boura, Anne Canteaut. On the Boomerang Uniformity of Cryptographic Sboxes. IACR Transactions on Symmetric Cryptology, 2018, 2018 (3), pp.290-310. ⟨10.13154/tosc.v2018.i3.290-310⟩. ⟨hal-01944598⟩
141 View
316 Download



Gmail Facebook Twitter LinkedIn More