Questions tagged [s-boxes]

S-boxes (or substitution boxes) are components in many block ciphers used to substitute parts of the data in a non-linear way. While often fixed by the algorithm (as in DES and AES), they are sometimes key-dependent (as in Blowfish).

270 questions
23
votes
5 answers

Desirable S-box properties

What desirable properties should an S-box have? My current standard selection process is to just pick them at random and verify that they fit the following criteria: The probability that any random two bits $S[a]_b$ and $S[c]_d$ are equal (for any…
Polynomial
17
votes
2 answers

Why do we keep designing new static s boxes?

As I understand s box properties, they primarily need high non linearity and low auto correlation. But most importantly for this question, they're not secret. There are many questions on this site asking for help in generating them. And new…
Paul Uszak
11
votes
2 answers

How can an S-Box be reversed?

So, as an exercise to greater understand some things about cryptography, I decided to try and implement GOST 28147-89, which uses eight 4x4 S-Boxes. I can grasp the concept of putting 4 bits through the S-Box and getting four out, but how would one…
LMS
5
votes
1 answer

Security Implications of Fixed & Opposite Fixed Points of Sbox

Fixed point means when Sbox Input is equal to Sbox Output whereas Opposite Fixed Point means when Sbox Input is complement of Sbox Output. How does Fixed and Opposite Fixed Point affect the strength/ security of Sbox?
R. Sam
3
votes
1 answer

Number of active s boxes

How can I calculate the minimum number of active S-boxes for block cipher algorithms such as the PRESENT algorithm? I have read in that, but I couldn't understand the meaning of branch number.
Maha Ibrahim
2
votes
0 answers

What does "the input difference of each Sbox should be zero" mean?

While going through the article The MALICIOUS Framework: Embedding Backdoors into Tweakable Block Ciphers, I came across this statement: in order to have a deterministic differential characteristic all Sboxes must be differentially inactive (i.e.,…
2
votes
1 answer

Explain the fast Walsh–Hadamard transform in simple steps or pseudocode

I've read that the fast Walsh–Hadamard transform is a way to efficiently calculate the linearity/non-linearity of an S-box. Can I get a description of it in simple steps or pseudocode that is restricted to simpler notation and terminology?
Melab
2
votes
1 answer

Relying on a 4-bit S-box instead of an 8-bit one

I've discovered that generating good S-boxes with only modular addition, bitwise XOR, bitwise AND, bitwise OR, bitwise NOT, rotations, and shifts is difficult. I figure that using them to make a good 4-bit S-box will be easier. But, does using a…
Melab
2
votes
2 answers

More suitable Substitution Box

Can anyone suggest a fast search method or algorithm to find the best S-box among a large number of S-boxes? For example, if I have 100 different S-boxes, I want to pick the one which is more secure than the others.
faiz
2
votes
2 answers

Generating S boxes that satisfy Coppersmith's criteria?

I'd like to generate all possible 6-bit to 4-bit S-Boxes that satisfy the criteria for S-Box design given by Coppersmith, but I have a few doubts: How many such S-Boxes are possible? Is there any existing implementation of said boxes? What would be…
1
vote
2 answers

What are some design considerations for S-Boxes?

My studies in cryptography have been quite detailed so far, however, one area that hasn't been explained to me is how S-Boxes are typically designed. Typically, the S-boxes are provided "as is" by the developers of the algorithm, but I am looking…
1
vote
0 answers

What is Global Avalanche Criteria(GAC)

GAC consists of absolute indicator and sum of square indicator. Please help me in understanding what are these indicators? How to calculate GAC for Sbox? What is confusion Coefficient Variance of an Sbox?
crypt
1
vote
2 answers

How changing a single byte/word in a substitution box affects the inverse result?

Let's suppose I have an 8-bit substitution box composed of 256 bytes and invert it. Will changing one byte in the substitution box make the inverse result completely different than if I didn't change it? Or will only the changed byte be…
alpominth
0
votes
2 answers

Implementing the sbox components using lookup tables

Is it possible to implement the components of SBOX tables using lookup_tables? For example, for a 4-bit SBOX it is possible to obtain the component 3 using SAGE in the following way: sage: from sage.crypto.sbox import SBox sage: S =…
juaninf
0
votes
2 answers

$\alpha^{2^{m} + 1}$ is a generator of $\operatorname{GF}(2^m)$?

This is from a paper (Partitions in the S-Box of Streebog and Kuznyechik) about S-Boxes: Let $\operatorname{GF}(2^{2m}) = \mathbb{F}_2[X]/p(X)$ be a finite field of even degree defined by a primitive polynomial $p$. The multiplicative subgroup…
winklerrr