Boomerang uniformity

From Boolean Functions
Revision as of 10:46, 23 September 2019 by Ivi062 (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Background and definitions

The Boomerang attack, introduced in 1999 by Wagner [1], is a cryptanalysis technique against block ciphers based on differential cryptanalysis. To study the resistance to this attack, Cid et al.[2] introduced the Boomerang Connectivity Table (BCT). Next, Boura and Canteaut[3] , introduced the notion of boomerang uniformity.

For a permutation , the Boomerang Connectivity Table (BCT) is given by a table ,


The boomerang uniformity of is the maximal value, i.e.

Main properties

For a permutation, the following properties on the boomerang uniformity were proven.

  • The boomerang uniformity is invariant for inverse and affine equivalence but not for EA- and CCZ-equivalence.
    • For an affine equivalent permutation, , we have , with the linear part of .
    • For the inverse we have .
  • Relation with the differential uniformity: and if and only if .
  • .
  • If is a power permutation, then .
  • If is a quadratic permutation, then .
  • Wagner D. The boomerang attack.In Lars R. Knudsen, editor, FSE'99, vol. 1636 of LNCS, pp. 156-170. Springer, Heidelberg, March 1999
  • Cid C., Huang T., Peyrin T., Sasaki Y., Song L. Boomerang connectivity table: A new cryptanalysis tool. EUROCRYPT 2018, Part II, vol. 10821 of LNCS, pp. 683-714. Springer, Heidelberg, 2018
  • Boura C., Canteaut A. On the boomerang uniformity of cryptographic Sboxes. IACR Transaction on Symmetric Cryptology, pp. 290-310, Sep 2018