Enes Pasalic

University of Primorska | UP · Faculty of Mathematics, Natural Sciences and Information Technologies (FAMNIT)

For a concatenation of four bent functions f = f 1 ||f 2 ||f 3 ||f 4 , the necessary and sufficient condition that f is bent is that the dual bent condition is satisfied [5, Theorem III.1], i.e., f * 1 +f * 2 +f * 3 +f * 4 = 1. However, specifying four bent functions satisfying this duality condition is in general quite a difficult task. Commonly,...

In this article, we provide the first systematic analysis of bent functions $f$ on $\mathbb{F}_2^{n}$ in the Maiorana-McFarland class $\mathcal{MM}$ regarding the origin and cardinality of their $\mathcal{M}$-subspaces, i.e., vector subspaces on which the second-order derivatives of $f$ vanish. By imposing restrictions on permutations $\pi$ of $\ma...

During the last five decades, many different secondary constructions of bent functions were proposed in the literature. Nevertheless, apart from a few works, the question about the class inclusion of bent functions generated using these methods is rarely addressed. Especially, if such a “new” family belongs to the completed Maiorana–McFarland (MM#\...

Recently, several interesting constructions of vectorial Boolean functions with the maximum number of bent components (MNBC functions, for short) were proposed. However, many of them have component functions from the completed Maiorana-McFarland class M #. Moreover , no examples of MNBC functions containing component functions provably outside M #...

This article provides a rigorous mathematical treatment of generalized (GNI) and closed-loop invariants (CLI), which extend the standard notion of nonlinear invariants used in the cryptanalysis of block ciphers. We first introduce the concept of an active cycle set, which is useful for defining standard invariants of concatenated S-boxes. We also p...

Boolean functions naturally induce binary sequences of length \(2^m\) and a large number of such orthogonal sequences is required in the design of code-division multiple-access (CDMA) systems. In this paper, Boolean functions are used to construct nonlinear phase orthogonal sequence sets for CDMA communications. For even m, employing carefully desi...

Quadratic almost bent (AB) functions are characterized by the property that the duals of their component functions are bent functions. We prove that these duals are also quadratic and illustrate that these bent duals may give rise to vectorial bent functions (in certain cases having a maximal output dimension). A necessary and sufficient condition...

Lightweight ciphers are often used as the underlying encryption algorithm in resource-constrained devices. Their cryptographic security is a mandatory goal for ensuring the security of data transmission. Differential cryptanalysis is one of the most fundamental methods applicable primarily to block ciphers, and the resistance against this type of c...

In this paper we characterize the intersection of the completed Maiorana–McFarland class of bent functions M# and Carlet’s D0 class of bent functions. As a consequence of this characterization, we prove that when the degree of a permutationπ is greater than 2 the Boolean function f(x,y)=x·π(y)+δ0(x), with f:F2n×F2n→F2, is always outside M# class. T...

Two new classes of bent functions derived from the Maiorana–McFarland (M) class, so-called C and D, were introduced by Carlet (1993) almost three decades ago. In Zhang (2020) sufficient conditions for specifying bent functions in C and D which are outside the completed M class, denoted by M#, were given. Furthermore in Pasalic et al. (2021) the not...

For various quasi-synchronous (QS) CDMA systems, to reduce or eliminate the multiple access interference and multipath interference, it is required to design a set of spreading sequences which are mutually orthogonal within a designed shift zone. In this article, we demonstrate that a concept of irregular spatial assignment, with flexibility to ass...

Minimal codes are characterized by the property that none of the codewords is covered by some other linearly independent codeword. We first show that the use of a bent function g in the so-called direct sum of Boolean functions h(x,y)=f(x)+g(y)\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{...

Some recent research articles (Zhang et al. in Lecture Notes in Computer Science, 10194, 298-313. (2017), Zhang et al. in Discret. Appl. Math. 285(1), 458-472. (2020)) addressed an explicit specification of indicators that specify bent functions in the so-called C and D classes, derived from the Maiorana-McFarland (M) class by C. Carlet in 1994 (Ca...

Vectorial Boolean functions with the maximum number of bent components, which are called MNBC functions in this article, were introduced recently and attracted a lot of attention from the research community. So far, all the known nontrivial constructions of MNBC functions belong to the completed Maiorana-McFarland class M #. In this paper, we show...

In this article, we propose two secondary constructions of bent functions without any conditions on initial bent functions employed by these methods. It is shown that both methods generate bent functions that belong to the generalized Maiorana–McFarland (\({\mathcal {GMM}}_{n/2+k}\)) class of n-variable Boolean functions, with n even. The class \({...

Recently, the construction of bent functions that belong to the so-called \(\mathcal {C}\) class and are provably outside the completed Maiorana-McFarland (\({\mathscr{M}}\)) class, introduced by Carlet almost three decades ago, has been addressed in several works. The main method for proving the class membership is based on a sufficient (but not n...

Boolean bent functions which at the same time have a flat nega-Hadamard transform are called bent-negabent functions. The known families of these functions mostly stem from the Maiorana-McFarland class of bent functions and their vectorial counterparts have not been considered in the literature. In this article, we introduce the notion of vectoria...

ACE is a block cipher proposal that entered the 2nd round of the NIST Lightweight Cryptography Standardization process. So far, not much cryptanalysis has been devoted to the ACE permutation and specifically impossible differential distinguishers covering more than 10-steps have not been specified yet. In this article, a MILP (Mixed Integer Linear...

Semi-bent functions play an important role in symmetric ciphers and sequence designs. So far, there are few studies related to the construction of vectorial semi-bent functions even though lots of work has been done on single-output semi-bent functions. In this paper, three classes of balanced vectorial semi-bent functions are presented with varyin...

The concept of transparency order is a useful measure for the robustness of (n, m)-functions (cryptographic S-boxes as mappings from \(GF(2)^n\) to \(GF(2)^m\)) to multi-bit Differential Power Analysis (DPA). The recently redefined notion of transparency order (\(\mathcal {RTO}\)), based on the cross-correlation coefficients, uses a very delicate a...

In 2017, Tang et al. have introduced a generic construction for bent functions of the form $f(x)=g(x)+h(x)$, where $g$ is a bent function satisfying some conditions and $h$ is a Boolean function. Recently, Zheng et al. generalized this result to construct large classes of bent vectorial Boolean functions from known ones in the form $F(x)=G(x)+h(X)$...

The transparency order (denoted by \(\mathcal {TO}\)) is a useful measure of the robustness of (n, m)-functions (cryptographic S-boxes as mappings from \(GF(2)^n\) to \(GF(2)^m\)) to multi-bits Differential Power Analysis (DPA). An improved version of transparency order (denoted by \(\mathcal {RTO}\)), based on the use of cross-correlation coeffici...

Integral cryptanalysis based on division property is a powerful cryptanalytic method whose range of successful applications was recently extended through the use of Mixed-Integer Linear Programming (MILP). Although this technique was demonstrated to be efficient in specifying distinguishers of reduced round versions of several families of lightweig...

Minimal binary linear codes are a special class of binary codes with important applications in secret sharing and secure two-party computation. These codes are characterized by the property that none of the nonzero codewords is covered by any other codeword. Denoting by \(w_{{\min \limits }}\) and \(w_{{\max \limits }}\) the minimum and maximum wei...

Minimal linear codes form a special class of linear codes that have important applications in secret sharing and secure two-party computation. These codes are characterized by the property that linearly independent codewords do not cover each other. Denoting by wmin and wmax the minimum and maximum weights of a binary code, respectively, such codes...

The autocorrelation properties of Boolean functions are closely related to the Shannon’s concept of diffusion and can be accompanied with other cryptographic criteria (such as high nonlinearity and algebraic degree) for ensuring an overall robustness to various cryptanalytic methods. In a series of recent articles citeTang2018IT,Kavut2019DCC and ci...

Two new classes of bent functions derived from the Maiorana–McFarland (M) class, so-called C and D, were introduced by Carlet (1994) two decades ago. The difficulty of satisfying their defining conditions was emphasized in Mandal et al. (2016). In a recent work Zhang et al. (2017) a set of efficient sufficient conditions for specifying bent functio...

For a function f:{−1,1}n→{−1,1} the relationship between the sum of its linear Fourier coefficients f̂(i) (defined by f̂(i)≔12n∑x∈{−1,1}nf(x)xi for i=1,2,…,n and x=(x1,…,xn)) and its degree d is a problem in theoretical computer science related to social choice. In that regard, in 2012, O’Donnell conjectured that ∑i=1nf̂(i)≤dd−1⌊d−12⌋21−d. In 2020,...

The first and the third authors recently introduced a spectral construction of plateaued and of 5-value spectrum functions. In particular, the design of the latter class requires a specification of integers $\{W(u):u\in \mathbb {F}^{n}_{2}\}$ , where $W(u)\in \left\{{0, \pm 2^{\frac {n+s_{1}}{2}}, \pm 2^{\frac {n+s_{2}}{2}}}\right\}$ , so that...

In the mid‐sixties, Rothaus introduced the notion of bent function and later presented a secondary construction of bent functions (building new bent functions from already defined ones), called Rothaus’ construction. In Zhang et al. 2017 (‘Constructing bent functions outside the Maiorana–Mcfarland class using a general form of Rothaus,’ IEEE Transa...

In this work, we employ the concept of composite representation of Boolean functions, which represents an arbitrary Boolean function as a composition of one Boolean function and one vectorial function, for the purpose of specifying new secondary constructions of bent/plateaued functions. This representation gives a better understanding of the exist...

In early nineties Carlet (1994) introduced two new classes of bent functions, both derived from the Maiorana–McFarland (M) class, and named them C and D class, respectively. Apart from a subclass of D, denoted by D0 by Carlet, which is provably outside two main (completed) primary classes of bent functions, little is known about their efficient con...

Correlation immunity (CI) of Boolean functions is an important concept relevant both in the design of nonlinear combiners and for the protection against side-channel cryptanalysis to name a few applications. In this article we give further simplification of the proofs of some known characterizations of these functions, including some new results re...

\(\mathbb {Z}\)-bent functions, mappings from \(\mathbb {F}_2^n\) to a subset of \(\mathbb {Z}\), were introduced by Dobbertin and Leander (Des Codes Cryptogr 49:3–22, 2008) as an attempt to capture the origin of standard bent functions and in particular to understand better a recursive construction framework of bent functions. Nevertheless, many q...

We show the existence of many infinite classes of permutations over finite fields and bent functions by extending the notion of linear translators, introduced by Kyureghyan [12]. We call these translators Frobenius translators since the derivatives of $f : F_{p^n} \rightarrow F_{p^k}$, where $n = rk$, are of the form $f(x + u\phi) - f(x) = u^{p^i}b...

Non‐linear filtering generators, as a well‐known family of stream ciphers, employ a filtering function F:GF(2)n→GF(2)m to process the secret state bits and thus outputs binary keystream blocks of length m. In this study, the authors extend the framework of a generic cryptanalytic method applicable to non‐linear filtering generators called generalis...

Various methods for reducing hardware implementation cost of incompletely specified index generating functions have been proposed lately. Considering the methods based on linear decomposition, for the first time in this work, we provide necessary and sufficient conditions which describe the linear decomposition of these functions in general. These...

The design of plateaued functions over GF(2) <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">n</sup> , also known as 3-valued Walsh spectra functions (taking the values from the set {0, ±2 <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Γ(n+s/2)1</sup> }),...

Whereas the design and properties of bent and plateaued functions have been frequently addressed during the past few decades, there are only a few design methods of the so-called five-valued spectra Boolean functions whose Walsh spectra take the values in {0, ±2 <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999...

This work extends the idea introduced by Hou and Langevin (J. Combin. Theory, Ser. A, 80:232–246, 1997) of applying nonlinear permutations to (a portion of) the input variable space of a given Boolean function so that the resulting function is bent. Applying such a permutation to a bent function that can be represented in a suitable form then gives...

In this work, the authors propose some alternative hardware efficient masking schemes dedicated to protect the Advanced Encryption Standard (AES) against higher order differential power analysis (DPA). In general, the existing masking schemes all have in common an intrinsic trade-off between the two main parameters of interest, namely the generatio...

The nonlinear invariant attack was introduced at ASIACRYPT 2016 by Todo et al.. The attack has received extensive attention of cryptographic community due to its practical application on the full-round block ciphers SCREAM, iSCREAM, and Midori64. However, the attack heavily relies on the choice of round constants and it becomes inefficient in the c...

Semi-bent functions play an important role in the construction of orthogonal variable spreading factor codes used in code-division multiple-access (CDMA) systems as well as in certain cryptographic applications. In this article we provide several infinite classes of semi-bent functions, where each class is characterized by either a different decomp...

Whereas the design and properties of bent and plateaued functions have been frequently addressed during the past few decades, there are only a few design methods of so-called 5-valued spectra Boolean functions whose Walsh spectra takes the values in $\{0, \pm 2^{\lambda_1}, \pm 2^{\lambda_2}\}$. Moreover, these design methods mainly regards the spe...

Whereas the design and properties of bent and plateaued functions have been frequently addressed during the past few decades, there are only a few design methods of so-called 5-valued spectra Boolean functions whose Walsh spectra takes the values in $\{0, \pm 2^{\lambda_1}, \pm 2^{\lambda_2}\}$. Moreover, these design methods mainly regards the spe...

The design of plateaued functions over $GF(2)^n$, also known as 3-valued Walsh spectra functions (taking the values from the set $\{0, \pm 2^{\lceil \frac{n+s}{2} \rceil}\}$), has been commonly approached by specifying a suitable algebraic normal form which then induces this particular Walsh spectral characterization. In this article, we consider t...

In [1] , at the end of page 3761, the following table should be inserted after “so that”.

In this work, we employ the concept of {\em composite representation} of Boolean functions, which represents an arbitrary Boolean function as a composition of one Boolean function and one vectorial function, for the purpose of specifying new secondary constructions of bent/plateaued functions. This representation gives a better understanding of the...

Given are necessary conditions for a permutation polynomial to be the derivative of a planar mapping. These conditions are not sufficient and there might exist permutation polynomials which are not derivatives of some planar mapping satisfying these conditions. For the first time we show that there is a close connection between two seemingly unrela...

In this article, we give an efficient method for constructing a large set of disjoint spectra functions without linear structures, which are not equivalent to partially linear functions. This positively answers the open problem (“how to construct a large set of disjoint spectra functions which are not (linearly equivalent to) partially linear funct...

The nonlinear invariant attack was introduced at ASIACRYPT 2016 by Todo et al.. The attack has received extensive attention of cryptographic community due to its practical application on the full-round block ciphers SCREAM, iSCREAM, and Midori64. However, the attack heavily relies on the choice of round constants and it becomes inefficient in the c...

Generalized bent (gbent) functions is a class of functions f:Z2n→Zq, where q≥2 is a positive integer, that generalizes a concept of classical bent functions through their co-domain extension. A lot of research has recently been devoted towards derivation of the necessary and sufficient conditions when f is represented as a collection of Boolean fun...

Recently, a class of cryptographic Boolean functions called generalized Maiorana–McFarland (GMM) functions was proposed in Zhang and Pasalic (IEEE Trans Inf Theory 60(10):6681–6695, 2014). In particular, it was demonstrated that certain subclasses within the GMM class satisfy all the relevant cryptographic criteria including a good resistance to (f...

In this paper, we show that the maximum number of bent component functions of a vectorial function F : GF(2) <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">n</sup> → GF(2) <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">n</sup> is 2 <sup xmlns:mml="http:/...

In the mid sixties Rothaus proposed the so-called “most general form” of constructing new bent functions by using three (initial) bent functions whose sum is again bent. In this article we utilize a special case of Rothaus construction when two of these three bent functions differ by a suitably chosen characteristic function of an n=2-dimensional s...

The design of n-variable t-resilient functions with strictly almost optimal (SAO) nonlinearity n even) appears to be a rather difficult task. The known construction methods commonly use a rather large number (exactly ) of affine subfunctions in variables which can induce some algebraic weaknesses, making these functions susceptible to certain types...

In this note, we find constructions of non-splitting Z-bent functions, thus solving an open problem of Dobbertin and Leander (2008) [4]. Under some technical conditions, we also construct Z-bent functions of level r + 1 that are not splitting into Z-bent functions of level r >= 0.

Two new classes of bent functions derived from the Maiorana-McFarland (\(\mathcal {M}\)) class, so-called \({\mathcal {C}}\) and \( {\mathcal {D}}\), were introduced by Carlet [2] two decades ago. However, apart from the subclass \({\mathcal {D}}_0\), some explicit construction methods for these functions were not provided in [2]. Assuming the poss...

The class of Boolean functions, which can never occur as output of a faulty combinational circuit, is known as Impossible Class of Faulty Functions (ICFF). Despite years of research, the characterization of ICFF for a complex logic network is yet a significantly open problem. In a recent work (Das et al., 2014), a partial characterization of ICFF w...

In this note, we find constructions of non-splitting -bent functions, thus solving an open problem of Dobbertin and Leander [H. Dobbertin, G. Leander, Bent functions embedded into the recursive framework of -bent functions, Des. Codes Cryptogr. 49 (2008), no. 1-3, 3–22; MR2438437]. Under some technical conditions, we also construct -bent functions...

In this article, using rather elementary technique and the derived formula that relates the coefficients of a polynomial over a finite field and its derivative, we deduce many interesting results related to derivatives of Boolean functions and derivatives of mappings over finite fields. For instance, we easily identify several infinite classes of p...

In this article we improve the lower bound on the maximum nonlinearity of 1-resilient Boolean functions, for n even, by proposing a method of constructing this class of functions attaining the best nonlinearity currently known. Thus for the first time, at least for small values of n, the upper bound on nonlinearity can be reached in a deterministic...

Two (so-called C, D) classes of permutation-based bent Boolean functions were introduced by Carlet [4] two decades ago, but without specifying some explicit construction methods for their construction (apart from the subclass 0). In this article, we look in more detail at the class, and derive some existence and nonexistence results concerning the...

We show that many infinite classes of permutations over finite fields can be constructed via translators with a large choice of parameters. We first charac- terize some functions having linear translators, based on which several families of permutations are then derived. Extending the results of [10], we give in several cases the compositional inve...

In this article an optimal selection of tap positions for certain LFSR-based encryption schemes is investigated from both design and cryptanalytic perspective. Two novel algorithms towards an optimal selection of tap positions are given which can be satisfactorily used to provide (sub)optimal resistance to some generic cryptanalytic techniques appl...

Resilient substitution boxes (S-boxes) with high non-linearity are important cryptographic primitives in the design of certain encryption algorithms. There are several trade-offs between the most important cryptographic parameters and their simultaneous optimisation is regarded as a difficult task. In this study, the authors provide a construction...

We use the well-known Maiorana–McFarland class to construct several important combinatorial structures. In the first place, we easily identify infinite classes of vectorial plateaued functions such that all non-zero linear combinations of its component functions are also plateaued. More importantly, by setting certain restrictions on the component...

Although several methods for estimating the resistance of a random Boolean function against (fast) algebraic attacks were proposed, these methods are usually infeasible in practice for relative large input variables n (for instance n ≥ 30) due to increased computational complexity. An efficient estimation the resistance of Boolean function (with re...

In difference to many recent articles that deal with generalized bent (gbent) functions $f:\mathbb{Z}_2^n \rightarrow \mathbb{Z}_q$ for certain small valued $q\in \{4,8,16 \}$, we give a complete description of these functions for both $n$ even and odd and for any $q=2^k$ in terms of both the necessary and sufficient conditions their component func...

In this paper, we employ the so-called semi-bent functions to achieve significant improvements over currently known methods regarding the number of orthogonal sequences per cell that can be assigned to a regular tessellation of hexagonal cells, typical for certain code-division multiple-access (CDMA) systems. Our initial design method generates a l...

Generalized bent (gbent) functions is a class of functions $f: \mathbb{Z}_2^n \rightarrow \mathbb{Z}_q$, where $q \geq 2$ is a positive integer, that generalizes a concept of classical bent functions through their co-domain extension. A lot of research has recently been devoted towards derivation of the necessary and sufficient conditions when $f$...

The necessary and sufficient conditions for a class of functions $f:\mathbb{Z}_2^n \rightarrow \mathbb{Z}_q$, where $q \geq 2$ is an even positive integer, have been recently identified for $q=4$ and $q=8$. In this article we give an alternative characterization of the generalized Walsh-Hadamard transform in terms of the Walsh spectra of the compon...

This book contains revised selected papers from the Second International Conference on Cryptology and Information Security in the Balkans, BalkanCryptSec 2015, held in Koper, Slovenia, in September 2015. The 12 papers presented in this volume were carefully reviewed and selected from 27 submissions. They are organized in topical sections named: sym...

In this article we present a broader theoretical framework useful in studying the properties of so-called generalized bent functions. We give the sufficient conditions (and in many cases also necessary) for generalized bent functions when these functions are represented as a linear combination of: generalized bent; Boolean bent; and a mixture of ge...

Although there are many different approaches used in cryptanalysis of nonlinear filter generators, the selection of tap positions in connection to guess and determine cryptanalysis has not received enough attention yet. In a recent article [18], it was shown that the so-called filter state guessing attack (FSGA) introduced in [15], which applies to...

The problem of constructing bent-negabent functions that do not belong to the completed Maiorana-McFarland class emerges implicitly through a series of construction methods proposed recently. These approaches manage to optimize the algebraic degree of bent-negabent functions, but all of the constructed bent-negabent functions belong to the complete...

Substitution boxes (S-boxes) play a central role in the modern design of iterative block ciphers. While in substitution-permutation networks the S-boxes are bijective, thus ensuring the invertibility of the encryption algorithm, the property of being bijective is not mandatory for Feistel kind of networks. In this paper, two methods of constructing...

A new framework concerning the construction of small-order resilient Boolean functions whose nonlinearity is strictly greater than (2^{n-1}-2^{lfloor n/2rfloor }) is given. First, a generalized Maiorana–McFarland construction technique is described, which extends the current approaches by combining the usage of affine and nonlinear functions in a c...

In a recent article [2], the authors conjectured that for n=2kn=2k, where k is even, there do not exist vectorial bent functions of the form F(x)=Trkn(x2k−1+λxr(2k−1)), where λ∈GF(2n)⁎λ∈GF(2n)⁎ and 1≤r≤2k1≤r≤2k. In this correspondence we confirm that this conjecture is true.

To identify and specify trace bent functions of the form (Tr(P(x))) , where (P(x) in {mathbb F} _{2^n}[x]) , has been an important research topic lately. We characterize a class of vectorial (hyper)bent functions of the form (F(x)=Tr_k^n(sum _{i=0}^{2^k}a_ix^{i(2^k-1)})) , where (n=2k) , in terms of finding an explicit expression for the coefficien...

In a recent paper [W. Zhang and E. Pasalic, Constructions of resilient S-Boxes with strictly almost optimal nonlinearity through disjoint linear codes, IEEE Trans Inf Theory 60, no. 3 (2014), pp. 1638-1651], by using disjoint linear codes, Zhang and Pasalic presented a method for constructing t-resilient S-boxes ( even, with strictly almost optimal...

In this paper, several methods for constructing substitution boxes (S‐boxes) with good cross‐correlation properties are proposed. We firstly analyze the cross‐correlation properties of bent functions and derive a sufficient condition that the absolute indicator Δ f , g of two bent functions f and g achieve its lowest possible value 2 n ∕ 2 . More p...

The Camellia block cipher has a 128-bit block length, a user key of 128, 192 or 256 bits long, and a total of 18 rounds for a 128-bit key and 24 rounds for a 192 or 256-bit key. It is a Japanese CRYPTREC-recommended e-government cipher, a European NESSIE selected cipher and an ISO international standard. The meet-in-the-middle attack is a technique...

In this paper, a novel approach of finding disjoint linear codes is presented. The cardinality of a set of $[u, m, t+1]$ disjoint linear codes largely exceeds all the previous best known methods used for the same purpose. Using such sets of disjoint linear codes, not necessarily of the same length, we have been able to provide a construction techni...

In this paper, we provide necessary and sufficient conditions for a function of the form $F(x)=Tr_{k}^{2k}(sum_{i=1}^{t}a_{i}x^{r_{i}(2^{k}-1)})$ to be bent. Three equivalent statements, all of them providing both the necessary and sufficient conditions, are derived. In particular, one characterization provides an interesting link between the bentn...

A recursive construction of complete mappings over finite fields is provided in this work. These permutation polynomials, characterized by the property that both f(x)∈Fq[x]f(x)∈Fq[x] and its associated mapping f(x)+xf(x)+x are permutations, have an important application in cryptography in the construction of bent–negabent functions which actually l...

In this paper we obtain nontrivial upper bounds on algebraic immunity of Boolean bent functions belonging to a subclass of PSap and another of Niho bent functions. Some recent results indicate the existence of bent functions in PSap having maximum algebraic immunity. On contrary, we identify a class of bent functions in PSap, having monomial trace...

Substitution boxes (S-boxes) are the key components of conventional cryptographic systems. To quantify the confusion property of S-boxes, different non-linearity criteria are proposed such as usual non-linearity (NF), unrestricted non-linearity (UNF), generalised non-linearity (GNF), higher order non-linearity (HNF) and so on. Although these differ...

In this paper, we consider the spectra of Boolean functions with respect to the action of unitary transforms obtained by taking tensor products of the Hadamard kernel, denoted by H, and the nega-Hadamard kernel, denoted by N. The set of all such transforms is denoted by {H, N}n. A Boolean function is said to be bent4 if its spectrum with respect to...

In this paper we investigate the possibility of constructing bent functions over fields with odd characteristic. While in the binary case, and for n=2kn=2k, the bent property of monomials of the form Tr1n(axr(2k−1)) and binomials Tr1n(x2k−1+axr(2k−1)) were investigated in several papers, generalized bent functions f:GF(pn)→GF(p)f:GF(pn)→GF(p) of th...

In this article we investigate the possibilities of obtaining multiple output bent functions from certain power polynomials over finite fields. So far multiple output bent functions F:GF(2)^n->GF(2)^m (where n is even and m=GF(2)^m, is a multiple output bent function. We consider all the main cases of monomial trace bent functions and specify the r...

The Camellia block cipher has a 128-bit block length and a user key of 128, 192 or 256 bits long, which employs a total of 18 rounds for a 128-bit key and 24 rounds for a 192 or 256-bit key. It is a Japanese CRYPTREC-recommended e-government cipher, a European NESSIE selected cipher, and an ISO international standard. In this paper, we describe a f...