低差分均匀度密码函数的构造与分析

Differential analysis is the most powerful method in cryptanalysis, and functions with low differential uniformity can provide good resistance to differential analysis. It is well known that, for fields with even characteristic, the lowest possible uniformity is 2 and functions with this property are called almost perfect nonlinear (APN) functions. However, we still don’t know whether there exits APN permutations on the fields of even degree except a sporadic example on GF(64) found by Dillon. The existence of APN permutations on other fields of even degree remains an important problem. Therefore, a natural method to fulfill the design of S-boxes is to find differentially 4 uniform permutations. For instance, the currently endorsed Advanced Encryption Standard (AES) uses the inverse function, which is a differentially 4-uniform permutation. However, up to now, there are not many known such functions. It is expected to construct more such functions in this project. We try to study the following topics: (1) Construction and analysis of APN functions over the finite fields of characteristic 2. For example, the APN conjecture. (2) Constructing more differentially 4 uniform permutations over the finite fields of characteristic 2. (3) The CCZ equivalence (Carlet-Charpin-Zinoviev equivalence) problem. Such as, how to check whether two functions are CCZ equivalent, constant parameters under the CCZ equivalence, and constructing permutations with the CCZ equivalence. This project can enrich the study of cryptographic functions related topics, and it can also provide necessary technical support for the design of S-boxes.

差分分析是密码分析中最有力的攻击手段，而低差分均匀度函数能很好的抵抗差分分析。在偶数维有限域中，差分均匀度最小为2，满足这一性质的函数被称作APN函数。但是，在偶数维有限域中，只有Dillon在GF(64)上发现了一个APN置换，更大域中是否存在APN置换仍然是个公开难题。因此，4差分置换自然就成了很多密码算法的选择。例如，国际加密标准AES中用到的逆函数就是一个4差分置换。但是，迄今为止，我们所知晓的此类函数并不多。本项目计划构造更多诸如此类的函数。主要研究内容包括：（1）特征为2的有限域上APN函数的构造与分析。例如，APN猜想。（2）在特征为2的有限域上构造更多的4差分置换函数。（3）CCZ等价问题。例如，怎样判断两个函数是不是CCZ等价；CCZ等价下的不变参数；利用CCZ等价构造置换函数。本项目的顺利执行将会丰富密码函数相关的理论研究，并且为实用算法中S盒的设计提供必要的技术支持。

S盒是密码算法中的关键部件，它的安全性直接影响整个算法的安全性。S盒需要满足三个重要的性质：置换、低差分、和高非线性度。本项目以置换函数和低差分函数为主要研究对象，构造了一批置换函数和一批低差分函数，为S盒的构造提供了更多候选项。..本项目在研究方法上的主要创新是找到了一类函数和一类矩阵之间的一一对应关系，用这个对应关系可以把函数的构造转化为矩阵的构造，从而使函数的构造变得更加简单。研究成果上最主要的贡献是构造了更多的APN函数，以及对某些APN函数做了分类，把Dillon在GF(64)上的结果推广到GF(256)上，为APN猜想的进一步研究做了一些铺垫。..本项目的研究对象是很有实用价值的，研究方法也有自己独特之处，所积累的方法和数据也是APN猜想研究道路上有价值的参考结果，项目虽然要结题了，但研究不会截止，相信后续的研究会更有价值。