Cellular automata based S-boxes
Luca Mariot (University of Milano-Bicocca)
Stjepan Picek (TU Delft - Cyber Security, Université Paris 13)
Alberto Leporati (University of Milano-Bicocca)
Domagoj Jakobovic (University of Zagreb)
More Info
expand_more
Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.
Abstract
Cellular Automata (CA) represent an interesting approach to design Substitution
Boxes (S-boxes) having good cryptographic properties and low implementation costs. From the cryptographic perspective, up to now there have been only ad-hoc studies about specific kinds of CA, the best known example being the χ nonlinear transformation used in Keccak. In this paper, we undertake a systematic investigation of the cryptographic properties of S-boxes defined by CA, proving some upper bounds on their nonlinearity and differential
uniformity. Next, we extend some previous published results about the construction of CAbased S-boxes by means of a heuristic technique, namely Genetic Programming (GP). In particular, we propose a “reverse engineering” method based on De Bruijn graphs to determine whether a specific S-box is expressible through a single CA rule. Then, we use GP to assess if some CA-based S-box with optimal cryptographic properties can be described
by a smaller CA. The results show that GP is able to find much smaller CA rules defining the same reference S-boxes up to the size 7 × 7, suggesting that our method could be used to find more efficient representations of CA-based S-boxes for hardware implementations. Finally, we classify up to affine equivalence all 3 × 3 and 4 × 4 CA-based S-boxes.