Abstract
We use the Constraint Satisfaction Problem (CSP) framework to model and solve the problem of designing substitution functions for substitution-permutation (SP) networks, the cipher architecture proposed by Shannon. Many ciphers are designed using the SP pattern and differ mainly in two parametrized functions: substitution and permutation. The more difficult of the two is the substitution function, which has to be nonlinear (a requirement that was difficult to define and quantify). Over time, researchers such as Nyberg, Pieprzyk and Matsui have proposed various metrics of nonlinearity that make the function robust to modern attacks. Before us, people have attempted various ways to design functions that respect these metrics. In the past, substitution tables (S-boxes) were hand-picked by trying various values. More recently, constructs that are difficult to analyze (such as bent functions, spectral inversion, inverses in Galois fields) have been used, with their outputs tested for nonlinearity. While efficient, such techniques are neither exhaustive (optimal), nor have they managed to generate better substitutions than the ones hand-picked in the past.
We show that Matsui's nonlinearity requirement can be naturally modelled using CSPs. Based on a combination of existing CSP techniques and some new filtering operators that we designed specifically for the new types of constraints, we manage to obtain better S-boxes than any previously published ones. The simplicity of the CSP framework and the availability of general CSP solvers like ours make it easy for more people to design their own ciphers with easy-to-understand security parameters. Here we report on this new application of CSPs.
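The nonlinearity metric the abstract refers to can be made concrete by computing an S-box's linear approximation table (the quantity Matsui's linear cryptanalysis exploits) and reading the metric off its largest entry. The following is an added example written for this page; it is not the paper's CSP solver and does not model the constraints the authors describe. It assumes two constructed sample inputs: the 4-bit identity mapping as a worst-case linear S-box, and the published PRESENT cipher S-box as a sample of a well-designed 4-bit bijection. The bijectivity check corresponds to the "alldifferent" constraint cited in the references; the differential-uniformity check is the analogous metric for Biham and Shamir's differential cryptanalysis.

```python
"""Linear and differential profile of a small S-box (added example, not from the paper)."""
from typing import Dict, List

# Constructed sample inputs (assumptions of this example, not values from the paper):
# the 4-bit identity mapping is a linear S-box, the worst case for nonlinearity.
IDENTITY_4 = list(range(16))
# The published PRESENT cipher S-box, used here only as a sample of a
# well-designed 4-bit bijection.
PRESENT_SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
                0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]


def parity(v: int) -> int:
    """Parity of the bits of v (1 if an odd number of bits are set)."""
    return bin(v).count("1") & 1


def is_bijective(sbox: List[int], n: int) -> bool:
    """The 'alldifferent' constraint: every n-bit output value appears exactly once."""
    return len(sbox) == (1 << n) and sorted(sbox) == list(range(1 << n))


def linear_approximation_table(sbox: List[int], n: int) -> List[List[int]]:
    """LAT[a][b] = #{x : a.x == b.S(x)} - 2^(n-1).

    Row a is the input mask, column b the output mask, '.' the bitwise inner
    product (parity of the AND). A large |LAT[a][b]| means the linear relation
    a.x ^ b.S(x) holds (or fails) far more often than chance.
    """
    size = 1 << n
    lat = [[0] * size for _ in range(size)]
    for a in range(size):
        for b in range(size):
            agree = sum(1 for x in range(size)
                        if parity(a & x) == parity(b & sbox[x]))
            lat[a][b] = agree - size // 2
    return lat


def max_linear_bias(sbox: List[int], n: int) -> int:
    """Largest |LAT| entry over all mask pairs except the trivial (0, 0)."""
    lat = linear_approximation_table(sbox, n)
    size = 1 << n
    return max(abs(lat[a][b]) for a in range(size) for b in range(size)
               if (a, b) != (0, 0))


def nonlinearity(sbox: List[int], n: int) -> int:
    """Nonlinearity as used in Matsui-style analysis: 2^(n-1) minus the largest
    absolute LAT entry, i.e. the Hamming distance from the nearest affine
    function, minimised over the output masks. 0 means some combination of
    output bits is an affine function of the input.
    """
    return (1 << (n - 1)) - max_linear_bias(sbox, n)


def differential_uniformity(sbox: List[int], n: int) -> int:
    """Largest difference-distribution-table entry for a nonzero input difference:
    max over d != 0 and all e of #{x : S(x) ^ S(x ^ d) == e}."""
    size = 1 << n
    best = 0
    for d in range(1, size):
        counts = [0] * size
        for x in range(size):
            counts[sbox[x] ^ sbox[x ^ d]] += 1
        best = max(best, max(counts))
    return best


def profile(sbox: List[int], n: int) -> Dict[str, int]:
    """The summary a designer would check before accepting a candidate S-box."""
    return {
        "bijective": int(is_bijective(sbox, n)),
        "max_linear_bias": max_linear_bias(sbox, n),
        "nonlinearity": nonlinearity(sbox, n),
        "differential_uniformity": differential_uniformity(sbox, n),
    }


if __name__ == "__main__":
    for name, box in (("identity", IDENTITY_4), ("PRESENT", PRESENT_SBOX)):
        print(name, profile(box, 4))
```

For the identity mapping every diagonal LAT entry is 8 out of 16, so the nonlinearity is 0; the PRESENT S-box has no entry above 4, giving nonlinearity 4, which is the best any 4-bit bijection can reach. A search such as the one the paper describes is, in effect, constraining these table entries for a much larger (8-bit) box, where the brute-force LAT computation above grows as 2^(3n) and stops being a practical way to explore the design space by hand.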
References
Adams, C.M., Tavares, S.E.: Good S-boxes are easy to find. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 612–615. Springer, Heidelberg (1990)
Adams, C., Tavares, S.: Generating and counting binary bent sequences. IEEE Transactions on Information Theory 36(5), 1170–1173 (1990)
Bessière, C., Régin, J.C.: Refining the basic constraint propagation algorithm. In: Nebel, B. (ed.) IJCAI, pp. 309–315. Morgan Kaufmann, San Francisco (2001)
Biham, E., Shamir, A.: Differential cryptanalysis of the data encryption standard. Springer, Heidelberg (1993)
Clark, J., Jacob, J., Maitra, S., Stanica, P.: Almost boolean functions: the design of boolean functions by spectral inversion. Evolutionary Computation 3, 2173–2180 (2003)
Coppersmith, D.: The data encryption standard (DES) and its strength against attacks. IBM J. Res. Dev. 38(3), 243–250 (1994)
Daemen, J., Rijmen, V.: AES proposal: Rijndael (September 1999), http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf
Feistel, H.: Cryptography and computer privacy. Scientific American 228, 15–23 (1973)
Gupta, K.C., Sarkar, P.: Construction of high degree resilient S-boxes with improved nonlinearity. Inf. Process. Lett. 95(3), 413–417 (2005)
Hoeve, W.V.: The alldifferent constraint: A survey. In: Proceedings of the Sixth Annual Workshop of the ERCIM Working Group on Constraints (2001)
Lai, X., Massey, J.L.: A proposal for a new block encryption standard. In: Damgård, I.B. (ed.) EUROCRYPT 1990. LNCS, vol. 473, pp. 389–404. Springer, Heidelberg (1991)
Laskari, E.C., Meletiou, G.C., Vrahatis, M.N.: Utilizing evolutionary computation methods for the design of S-boxes. In: Proceedings of the International Conference on Computational Intelligence and Security 2006 (CIS 2006), China (2006) (in press)
Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994)
Mister, S., Adams, C.: Practical S-Box design (1996)
NIST: Data encryption standard (DES). Federal Information Processing Standard (FIPS) 46-2 (January 1988)
O’Connor, L.: An analysis of a class of algorithms for S-box construction. J. Cryptology 7(3), 133–151 (1994)
O’Connor, L.: Properties of linear approximation tables. In: Preneel, B. (ed.) FSE 1994. LNCS, vol. 1008, pp. 134–136. Springer, Heidelberg (1995)
Pieprzyk, J., Finkelstein, G.: Towards effective nonlinear cryptosystem design. IEE Proceedings Computers and Digital Techniques 135(6), 325–335 (1988)
Puget, J.-F.: A fast algorithm for the bound consistency of alldiff constraints. In: AAAI 1998, pp. 359–366 (1998)
Sabin, D., Freuder, E.C.: Contradicting conventional wisdom in constraint satisfaction. In: PPCP 1994. LNCS, vol. 874, pp. 10–20. Springer, Heidelberg (1994)
Schneier, B.: Applied cryptography: protocols, algorithms, and source code in C. In: Textbook, ch. 12, pp. 265–301 (2002)
Shannon, C.E.: A mathematical theory of communication. Bell System Technical Journal 27, 379–423, 623–656 (1948)
Stallings, W.: Cryptography and network security - principles and practices. In: Textbook, ch. 3, pp. 86–90 (2003), http://www.prenhall.com/stallings
© 2011 Springer-Verlag Berlin Heidelberg
Ramamoorthy, V., Silaghi, M.C., Matsui, T., Hirayama, K., Yokoo, M. (2011). The Design of Cryptographic S-Boxes Using CSPs. In: Lee, J. (eds) Principles and Practice of Constraint Programming – CP 2011. CP 2011. Lecture Notes in Computer Science, vol 6876. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-23786-7_7
DOI: https://doi.org/10.1007/978-3-642-23786-7_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-23785-0
Online ISBN: 978-3-642-23786-7