Measuring the Sum-of-Squares Indicator of Boolean Functions in Encryption Algorithm for Internet of Things

Zhou, Yu; Wei, Yongzhuang; Zhang, Fengrong

doi:https://doi.org/10.1155/2019/1348639

Security and Communication Networks

On this page

Abstract Introduction Preliminaries Conclusions Appendix Data Availability Conflicts of Interest Acknowledgments References Copyright Related Articles

Special Issue

Privacy and Security of Information Processing in Industrial Big Data and Internet of Things

View this Special Issue

Research Article | Open Access

Volume 2019 | Article ID 1348639 | https://doi.org/10.1155/2019/1348639

Measuring the Sum-of-Squares Indicator of Boolean Functions in Encryption Algorithm for Internet of Things

Yu Zhou,¹Yongzhuang Wei,²and Fengrong Zhang³

Guest Editor: Fagen Li

Received24 Jan 2019

Accepted27 Feb 2019

Published27 Mar 2019

Abstract

Encryption algorithm has an important application in ensuring the security of the Internet of Things. Boolean function is the basic component of symmetric encryption algorithm, and its many cryptographic properties are important indicators to measure the security of cryptographic algorithm. This paper focuses on the sum-of-squares indicator of Boolean function; an upper bound and a lower bound of the sum-of-squares on Boolean functions are obtained by the decomposition Boolean functions; some properties and a search algorithm of Boolean functions with the same autocorrelation (or cross-correlation) distribution are given. Finally, a construction method to obtain a balanced Boolean function with small sum-of-squares indicator is derived by decomposition Boolean functions. Compared with the known balanced Boolean functions, the constructed functions have the higher nonlinearity and the better global avalanche characteristics property.

1. Introduction

The Internet of Things is an important part of the new generation of information technology and also an important stage of information development. But the Internet of Things is being threatened and attacked by more and more potential threats and attacks [1, 2]. As Internet of Things evolves, these networks, and many others, will be connected with security and management capabilities and so forth.

The current-time wireless sensor network is attacked by hackers from time to time, and it has put up a new challenge for information security. With wireless communication, low cost, resource constraints, and so forth, current threats include differential power analysis, kinds of keys decryption, Trojan attacks, virus damage, and physical method.

Because of the special use of wireless sensor, the design of key storage, distribution, and encryption or decryption algorithm is inconvenient. Therefore, we need to be practical and convenient for the cryptographic algorithm in resource-constrained environment, the most basic of which is to clarify the cryptographic properties of cryptographic components.

The scenarios used in the Internet of Things are mostly resource-constrained, so its cryptographic algorithm requires some hardware and software requirements, low power consumption, moderate security intensity, and limited resource area, which makes the design of such cryptographic algorithm more difficult. Therefore, the research of cryptographic components in cryptographic algorithm is very important.

Symmetric cryptographic algorithm is the most widely used in cooperative networks. Its advantage is to ensure the confidentiality of communication data. If the algorithm is authenticated, it can ensure the integrity of communication data. Block cipher and stream cipher are two main design directions. Boolean function, as the most basic and widely used cryptographic component, has been highly studied by scholars, for example, linear feedback shift registers (LFSR), S-box, and MDS.

Boolean functions have many cryptographical indicators, including balance, high nonlinearity, high algebraic degree, resilience, propagation characteristic [3], global avalanche characteristic [4], algebraic immunity [5], and transparency order [6]. Among these properties, can link with other cryptographic indicators. In 1995, Zhang and Zheng introduced the global avalanche characteristic ( [4]: the sum-of-squares indicator (), the absolute indicator ()) for an -variable Boolean function , and they gave the lower and the upper bounds on the two indicators. Reference [4] implied that the smaller and , the better the of a Boolean function. In 1998, Son et al. [7] gave a lower bound on these indicators for a balanced Boolean function: and . Sung et al. [8] improved these results and provided a bound on the sum-of-squares indicator of balanced functions satisfying the propagation criterion with respect to vectors. In 2010, [9] generalized the and put up a new criterion based on the cross-correlation functions: the sum-of-squares indicator () and the absolute indicator () for two -variable Boolean functions ; they gave the lower and the upper bounds on the two indicators. Reference [10] derived a new bound on the sum-of-squares indicator and gave a method to construct balanced Boolean functions with variables by the disjoint spectra functions, where is an even integer, satisfying strict avalanche criterion, high nonlinearity, and lower .

Meanwhile, some authors gave lots of constructions of Boolean functions with good , Tang [11] gave a method to construct balanced Boolean functions of variables, the constructed functions possess the highest nonlinearity and the better global avalanche characteristics () property, but they only obtained an upper bound of . Reference [12] gave a method to construct high nonlinearity Boolean function. These constructions had not considered Boolean functions with the same autocorrelation distributions or the same cross-correlation distributions. If these functions have the same autocorrelation distributions or the same cross-correlation distributions, then these Boolean functions have the same [4], the same transparency order [6], the same nonlinearity, the same absolute value of Walsh spectrum, the same correlation immunity, the same propagation criterion, and so forth. Thus, this paper will construct a Boolean function with small , and we give some relationships of the sum-of-squares indicator between an -variable Boolean function and four variable decomposition Boolean functions; the relationships are based on construction on Boolean functions with good global avalanche characteristics.

Based on the above consideration, we study the following questions:

(1) What is a clear characterization of four -variable decomposition functions, if the sum-of-squares indicator of an -variable Boolean function is lower? This study provides theoretical support for the security of lightweight dynamic cryptographic algorithms in the Internet of Things.

(2) What are the cross-correlation properties of any two Boolean functions, if Boolean functions have the same autocorrelation distribution? This research lays a foundation for lightweight dynamic cryptographic algorithms in the Internet of Things.

(3) How to construct a Boolean function with good global avalanche characteristics. This study provides some algorithm component for the lightweight dynamic cryptographic algorithms in the Internet of Things.

The rest of this paper is organized as follows: Section 2 introduces some basic definitions. In Section 3, an upper bound on the sum-of-squares indicator of -variable Boolean function by using four decomposition -variable Boolean functions is given. Section 4 gives some properties of a Boolean function with the upper bound on the sum-of-squares indicator. In Section 5, we give a construction of one Boolean function with small sum-of-squares indicator by the disjoint spectrum method. Finally, Section 6 concludes this paper.

2. Preliminaries

Let denote the set of variables Boolean functions. We denote by the additions in , in , and in . Every Boolean function admits a unique representation called its algebraic normal form () as a polynomial over : where the coefficients . The algebraic degree, , is the number of variables in the highest-order term with nonzero coefficient. The support of a Boolean function is defined as . We say that a Boolean function is balanced if its truth table contains an equal number of ones and zeros, that is, if its Hamming weight equals . A Boolean function is affine if there exists no term of degree in the and the set of all affine functions is denoted by . An affine function with constant term equal to zero is called a linear function.

Definition 1. The Walsh spectrum of is defined aswhere .

Definition 2. The cross-correlation function between is defined asIf , then .

Two -variable Boolean functions are called to be perfectly uncorrelated if for all and are called to be uncorrelated of degree if for all such that .

Definition 3 (see [9]). Let ; the sum-of-squares indicator of the cross-correlation between and is defined asthe absolute indicator of the cross-correlation between and is defined as

The above indicators are called the global avalanche characteristics between two Boolean functions. If , thenand the two indicators are the global avalanche characteristics of Boolean functions ( [4]).

In order to study cross-correlation distributions between any two Boolean functions, we need the following definition.

Definition 4 (see [13]). Let . If is constant, is said to be a of and . For convenience, letif , it is easy to know that and are linear subspaces of .

In Definition 4, if , then ; . and are linear subspaces of .

In [13], the authors obtained some properties of any two Boolean functions with the same autocorrelation distribution; let and be functions set with the same autocorrelation distribution and the cross-correlation distribution of given , respectively: AndWe denote a Boolean function by . For example, taking , the Boolean function with truth table is written as .

Denote in this paper.

3. The Upper Bound on the Sum-of-Squares between an -Variables Boolean Function and -Variable Decomposition Functions

In this section, we give an expression for the sum-of-squares indicator of an -variable Boolean function. This result is important to the following sections.

In order to give the relationship of the sum-of-squares indicator between one Boolean function and four decomposition Boolean functions, we need the following Lemma 5.

Lemma 5 (see [13]). Let . Then

Lemma 5 gave a relationship between autocorrelation functions and cross-correlation functions. Reference [14] gives the relationship between the sum-of-squares indicator on an -variable Boolean function and four decomposition -variable Boolean functions in the following.

Lemma 6 (see [14]). Let ; . Then Based on Lemmas 5 and 6, we have the upper bound on for any -variable Boolean function .

Theorem 7. Let ; . Then with the equality holding if and only if , , and for any .

Proof. Note that, for any , Cauchy inequality holds:with equality holding if and only if for any .
Thus, based on Definition 3, we have This result is proven.

Reference [15] gave the relationship between and for any Boolean function .

Lemma 8 (see [15]). Let . Then ; the equality holds if and only if for all or if and only if for all .

Furthermore, according to Lemma 8 and Theorem 7, we have the following theorem.

Theorem 9. Let ; . Then and, furthermore, we have the following:
(1) The right equality holds if and only if the two following conditions are satisfied:
() for all ;
() , , and for any .
(2) The left equality holds if and only if is a bent function.

Remark 10. By Theorem 9, we know that if and only if and are perfectly uncorrelated functions. The lower bound is easy reached; it is because we can find that and are perfectly uncorrelated functions. For example, let be a bent function and and then any two Boolean functions among are perfectly uncorrelated functions, and for every function we haveThus, . If , then ; the lower bound can be reached.

Summary 1. Theorem 9 provides theoretical support for encryption algorithm, especially for the security of lightweight dynamic cryptographic algorithms in the Internet of Things [2].

4. Some Properties of Conditions and

Theorem 9 induces an important problem: does there exist a -pair satisfying conditions () and ()? We will analyze this question. We need the following lemma.

Lemma 11. Let .
(1) For any , if and only if .
(2) For any , ; then ; furthermore, for any .
(3) For any , and ; then .

Proof. (1) According to the relationship between the cross-correlation function and the Walsh spectrum for , for any , we have On one hand, since for any , if , we have ThusFinally, by Parseval equality and (20), we haveThe above equation holds if and only if for any , if and only if .
On the other hand, if , then for any .
(2) By the same method with (1), this result can be proven.
(3) On one hand, according to for any , we have On the other hand, by the same method and combining the above equality, we have and it implies that for any . According to , we have .

Theorem 12. Let satisfy conditions () and (); then

Proof. According to condition () and Lemma 5, we have By the same method, we haveBased on condition (), we haveBased on (26) and (27), we complete this proof.

Theorem 13. Let satisfy the following conditions:
(1) for any .
(2) for any .
Then and for any .

Proof. According to (27), we know that . Note that we also have and it implies that . Based on this result, we have It implies that for any .
By the same method, we have for any .

Based on Theorem 13, we have the following.

Corollary 14. Let . Conditions () and ) are equivalent to the following:
(a) for any ;
(b) for any .
Based on Theorems 9 and 13, we can give an algorithm for finding all -pairs satisfying and .

Algorithm 15. This algorithm has three steps.
Step 1. We should firstly obtain a set , because is a function set with the same autocorrelation distribution. It is implied that we must calculate all autocorrelation distributions with -variable.
For , [13] gives all autocorrelation distributions (see Table 1); there are different autocorrelation distributions, where expresses the autocorrelation distributions.
Step 2. Calculate cross-correlation distributions between any two Boolean functions with the same autocorrelation distribution.
For , there are different distributions of Table 1. In particular, Class 22 has 8 Boolean functions (, , , , , , , ) with the same autocorrelation distribution . We can calculate all cross-correlation distributions in Table 2. There are 7 different cross-correlation distributions, where expresses the cross-correlation distributions.
Step 3. Calculate the number of -pairs satisfying and in Theorem 9.

Remark 16. Based on Theorem 13, we analyze the upper bound on in Theorem 9; this upper bound can be reached if and only if satisfying conditions and . We must consider the existence of satisfying conditions and .
(1) Suppose that . Then conditions and hold.
(2) Suppose that . According to , for any , we have , for any ; we know that . Thus, this supposition cannot be reached.
(3) Suppose that . Conditions and are equivalent to for any ; obviously this holds.
(4) Suppose that are unequal to each other. We can find these -pairs satisfying and .
For , we give all Boolean functions satisfying conditions and in Example 17.

Example 17. (1) When , for 22, we will give all Boolean functions satisfying conditions , , and of Remark 10 in Table 2; it implies that there are 4 pairs of Boolean functions with the same cross-correlation distribution.
(2) In Table 2, the number of Boolean functions satisfying condition is 14. The number of Boolean functions satisfying condition is . The number of Boolean functions satisfying condition is . Thus, we find 50 (=14+28+8) Boolean functions with -variable satisfying and ; based on the 50 Boolean functions, we can construct 50 -variable Boolean functions reaching the upper bound in Theorem 9 in Class 22.
(3) The rest of results from Class 0 to Class 29 can be found in Appendix (Tables 6, 7, 8, 9, 10, and 11).

Thus, we find Boolean functions satisfying conditions and in all -variable Boolean functions in Table 3. By the same method, we also find many Boolean function pairs for .

Summary 2. Theorem 13 gives a theoretical result for finding Boolean functions with the same autocorrelation (or cross-correlation) distributions, but Algorithm 15 gives a specific implementation method for lightweight cryptographic decompositions in the Internet of Things [1]. According to Algorithm 15, we can find many Boolean functions with the same and the same resistance to attacks.

5. Construction -Variable Boolean Functions with Lower by Disjoint Spectrum Functions

Zhang and Zheng [4] showed that the smaller , the better the of a function . In Lemma 6 and Theorem 9, we know that

Thus, if four decomposition functions satisfy the conditions,(1) is small;(2), and are perfectly uncorrelated,

then has lower . It implies that and are important for constructing a good Boolean function with lower by the decomposition Boolean functions.

Theorem 9 implies that , if any two Boolean functions among , , , and are perfectly uncorrelated.

Sarkar and Maitra [16] obtained the characterization of perfect uncorrelated.

Lemma 18 (see [16]). Let . Then and are perfectly uncorrelated if and only if for any .

Disjoint spectra functions have good properties; here we first give a brief summary of pervious results related to the disjoint spectra functions.

(1) Two Boolean functions with disjoint spectra can be used to construct highly nonlinear resilient functions as clearly mentioned in [17].

(2) In 2009, [12] constructed almost optimal resilient functions with even large variables by disjoint spectra functions.

(3) Reference [4] implied for a Boolean function ; if and only if is a Bent function. In order to construct a Boolean function with lower sum-of-squares indicator; therefore [15] constructed a Boolean function with lower based on modifying Bent functions and disjoint spectra functions.

Although many authors give constructions with some cryptology properties based on disjoint spectra functions, how to construct disjoint spectra functions which are not (linearly equivalent to) partially linear functions is an open problem [12, 18].

Note that bent functions have minimum sum-of-squares indicator, but any two Bent functions are not disjoint spectra functions or perfect uncorrelated. It is because that for any . Thus, and . That is, we cannot construct an -variable Boolean function by -variable disjoint spectra bent functions.

In order to construct an -variable Boolean function with small by -variable bent functions, we give a definition of two pairs of Boolean functions.

Definition 19. Two pairs of -variable Boolean functions are called to be perfectly uncorrelated if for all and are called to be uncorrelated of degree if for all such that .

Theorem 20. Let ; . If two pairs of -variable Bent functions are perfectly uncorrelated, then

Proof. According to the above analysis, we know that any two bent functions satisfy ; thus, we have

In Theorem 20, we can give many -variable Boolean functions by using -variable decomposition Bent functions.

Example 21. For , we give the cross-correlation value distribution between any two bent functions in Table 4.

(1) We find that the number of the cross-correlation distributions of any two bent functions from 896 bent functions is 2047 (=15+16+560+560+448) classes; that is, there are 2047 different cross-correlation distributions of any two bent functions.

(2) We obtain that the number of perfect uncorrelated pairs is 201210 among 2047 different cross-correlation distributions. It implies that one can find many Bent functions-pairs satisfying disjoint spectrum; that is, we can construct lots of Boolean functions with in Theorem 20. Meanwhile, by Theorem 20, we can obtain many balanced Boolean functions , if bent Boolean functions satisfy ; it is easy to find satisfying . For example, and . Thus, if bent Boolean functions satisfy the following conditions,

(1) ;

(2) two pairs of -variable Bent functions are perfectly uncorrelated,

then is a balanced Boolean function with .

In stream cipher, constructing Boolean function with high nonlinearity and very good property (low absolute indicator and low sum-of-squares indicator ) is favored. Addressing this problem, many works have been done; see, for instance, [3, 19, 20], which are summarized in Table 5; we find that our result is better than their methods.

Summary 3. Theorem 20 provides a construction for use in lightweight dynamic cryptographic algorithms, especially some -variable or -variable Boolean functions for encryption algorithm in the Internet of Things [2]; that is, we find many alternative cryptographic components with the same cryptographic properties.

6. Conclusions

In this paper, we have derived a construction method to obtain a Boolean function with small sum-of-squares indicator by decomposition Boolean functions; some properties and a search algorithm of Boolean functions with the same autocorrelation (or cross-correlation) distribution are given. We put up a new definition of two pairs of Boolean functions; this definition plays an important role in our construction. We believe that these conclusions and properties can be widely studied in designing the stream ciphers and block ciphers. In particular, Boolean functions with the same autocorrelation (or cross-correlation) distribution provide optional components for lightweight cryptographic algorithms in the Internet of Things. Using these Boolean functions makes cryptographic algorithms dynamic but does not change the security strength of cryptographic algorithms.

Appendix

See Tables 6, 7, 8, 9, 10, and 11.

Data Availability

All data used to support the findings of this study are included within the article (e.g., Table 1, Table 2, ⋯, Table 11); no other data were used to support this study.

Conflicts of Interest

The authors declare that there are no conflicts of interest in the publication of this paper.

Acknowledgments

The first author is supported by the National Key R&D Program of China (nos. 2017YFB0802000 and 2017YFB0802004). The second author is supported by the National Key R&D Program of China (no. 2017YFB0802000) and in part by the National Natural Science Foundation of China (nos. 61572148 and 61872103). The last author is supported by Jiangsu Natural Science Foundation (BK20181352) and in part by the Fundamental Research Funds for the Central Universities (no. 2015XKMS058).

References

D. Evans, The Internet of Things How the next Evolution of the Internet is Changing Everything, Cisco Internet Business Solutions Group (IBSG), April 2011, https://www.cisco.com/c/dam/en_us/about/ac79/docs/innov/IoT_IBSG_0411FINAL.pdf.
K. Brockmeier, “Gartner Adds Big Date, Gamification, and Internet of Things to Its Hype Cycle, Read Write Enterprise,” Trend Analysis, 2011, https://readwrite.com/2011/08/11/gartner-adds-big-data-gamifica/.
View at: Google Scholar
A. Canteaut, C. Carlet, P. Charpin, and C. Fontaine, “Propagation characteristics and correlation immunity of highly nonlinearity Boolean functions,” in Advances in Cryptology - EUROCRYPT 2000, vol. 1807 of Lecture Notes in Computer Sceince, pp. 507–522, Springer, Berlin, 2000.
View at: Publisher Site | Google Scholar | MathSciNet
X.-M. Zhang and Y. Zheng, “GAC- the criterion for global avalanche characteristics of cryptographic functions,” The Journal of Universal Computer Science, vol. 1, no. 5, pp. 320–337, 1995.
View at: Google Scholar | MathSciNet
N. T. Courtois and W. Meier, “Algebraic attacks on stream ciphers with linear feedback,” in Advances in cryptology—EUROCRYPT 2003, vol. 2656 of Lecture Notes in Computer Sceince, pp. 345–359, Springer, Berlin, 2003.
View at: Publisher Site | Google Scholar | MathSciNet
Q. Wang and P. Stănică, “Transparency order for Boolean functions: analysis and construction,” Designs, Codes and Cryptography, pp. 1–17, 2019.
View at: Publisher Site | Google Scholar
J. J. Son, J. I. Lim, S. Chee, and S. H. Sung, “Global avalanche characteristics and nonlinearity of balanced Boolean function,” Information Processing Letters, vol. 65, no. 3, pp. 139–144, 1998.
View at: Publisher Site | Google Scholar | MathSciNet
S. H. Sung, S. Chee, and C. Park, “Global avalanche characteristics and propagation criterion of balanced Boolean functions,” Information Processing Letters, vol. 69, no. 1, pp. 21–24, 1999.
View at: Publisher Site | Google Scholar | MathSciNet
Y. Zhou, M. Xie, and G. Xiao, “On the global avalanche characteristics of two Boolean functions and the higher order nonlinearity,” Information Sciences, vol. 180, no. 2, pp. 256–265, 2010.
View at: Publisher Site | Google Scholar | MathSciNet
Y. Zhou, X. Dong, W. Zhang, and B. Zeng, “New bounds on the sum-of-squares indicator,” in Proceedings of the 7th International ICST Conference on Communications and Networking in China (CHINACOM '12), pp. 173–178, Kun Ming, August 2012.
View at: Publisher Site | Google Scholar
D. Tang, W. Zhang, and X. Tang, “Construction of balanced Boolean functions with high nonlinearity and good autocorrelation properties,” Designs, Codes and Cryptography. An International Journal, vol. 67, no. 1, pp. 77–91, 2013.
View at: Publisher Site | Google Scholar | MathSciNet
W. Zhang and G. Xiao, “Constructions of almost optimal resilient Boolean functions on large even number of variables,” IEEE Transactions on Information Theory, vol. 55, no. 12, pp. 5822–5831, 2009.
View at: Publisher Site | Google Scholar | MathSciNet
Y. Zhou, “On the distribution of auto-correlation value of balanced Boolean functions,” Advances in Mathematics of Communications, vol. 7, no. 3, pp. 335–347, 2013.
View at: Publisher Site | Google Scholar | MathSciNet
Z. Zhuo, J. Chong, R. Yu, and M. Ren, “Global avalanche characteristics of Boolean functions by concatenation,” Journal of Harbin Institute of Technology (New Series), vol. 23, no. 3, pp. 91–96, 2016.
View at: Google Scholar
Y. Zhou, W. Zhang, S. Zhu, and G. Xiao, “The global avalanche characteristics of two Boolean functions and algebraic immunity,” International Journal of Computer Mathematics, vol. 89, no. 16, pp. 2165–2179, 2012.
View at: Publisher Site | Google Scholar | MathSciNet
P. Sarkar and S. Maitra, “Cross-correlation analysis of cryptographically useful Boolean functions and S-boxes,” Theory of Computing Systems, vol. 35, no. 1, pp. 39–57, 2002.
View at: Publisher Site | Google Scholar | MathSciNet
E. Pasalic, S. Maitra, T. Johansson, and P. Sarkar, “New constructions of resilient and correlation immune Boolean functions achieving upper bounds on nonlinearity,” in Proceedings of the Workshop o Coding and Cryptography - WCC '01, vol. 6 of Electronic Notes in Discrete Mathematics, pp. 158–167, Amsterdam, The Netherlands: Elsevier Science, Paris, France, 2001.
View at: Google Scholar | MathSciNet
F. Zhang, Y. Wei, E. Pasalic, and S. Xia, “Large sets of disjoint spectra plateaued functions inequivalent to partially linear functions,” Institute of Electrical and Electronics Engineers Transactions on Information Theory, vol. 64, no. 4, part 2, pp. 2987–2999, 2018.
View at: Publisher Site | Google Scholar | MathSciNet
P. Stănică, “Nonlinearity, local and global avalanche characteristics of balanced Boolean functions,” Discrete Mathematics, vol. 248, no. 1-3, pp. 181–193, 2002.
View at: Publisher Site | Google Scholar | MathSciNet
P. Stănică and S. H. Sung, “Improving the nonlinearity of certain balanced Boolean functions with good local and global avalanche characteristics,” Information Processing Letters, vol. 79, no. 4, pp. 167–172, 2001.
View at: Publisher Site | Google Scholar | MathSciNet

Copyright

Copyright © 2019 Yu Zhou et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

PDF Download Citation

Download other formats

Order printed copies

Views

913

Downloads

999

Citations