Cryptographic applications of permutation polynomials

James A Vaught, Purdue University

Abstract

In this work we propose a novel technique for known plaintext attack based on polynomial fitting over finite fields. This technique exploits the fact that in most symmetric block ciphers, the message and ciphertext spaces are of order 2^n (n bits), so the enciphering function for each key can be viewed as a permutation of the elements of a finite field. As such there exists a permutation polynomial over the field which is equivalent to the enciphering function. The attack can be carried out by fitting a polynomial to the known plaintext-ciphertext pairs. The success of the attack depends on the sparsity structure (including but not limited to the degree) of the equivalent permutation polynomial. We find the equivalent polynomials to the underlying primitives in practical substitution-permutation network cryptosystems. We show, for example, that the AES SBOX is equivalent to a sparse polynomial whereas the Serpent SBOXes are all equivalent to dense polynomials. We determine the degree distributions of encryption functions of a tractably sized SPN cryptosystem. We show that as the round function is iterated, the nonlinearity of the SPN cryptosystem can cancel itself out leaving a purely linear enciphering function. We look at an open question from the permutation polynomial literature which is relevant to this attack, specifically what is the degree distribution of all permutation polynomials over a field. We present an algorithm for finding all functions over a field of characteristic 2 whose equivalent polynomial is any particular degree.
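The sparsity claim for the AES SBOX can be checked directly by interpolating the S-box as a polynomial over GF(2^8). The following is an added example, not code from the dissertation; it assumes the standard AES field representation (modulus 0x11B), and all function names are illustrative.

```python
AES_MODULUS = 0x11B  # x^8 + x^4 + x^3 + x + 1, the standard AES field polynomial

def gf_mul(a, b):
    """Multiply two elements of GF(2^8) modulo the AES polynomial."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= AES_MODULUS
        b >>= 1
    return r

def aes_sbox():
    """Build the AES S-box: x -> x^254 (inverse, 0 -> 0), then the affine map."""
    box = []
    for x in range(256):
        inv = 1
        for _ in range(254):
            inv = gf_mul(inv, x)
        y = inv
        for s in range(1, 5):  # XOR of the four left rotations by 1..4 bits
            y ^= ((inv << s) | (inv >> (8 - s))) & 0xFF
        box.append(y ^ 0x63)
    return box

def interpolate(table):
    """Coefficients c[0..q-1] of the unique polynomial of degree <= q-1 that
    matches `table`. In characteristic 2: c_0 = f(0) and
    c_j = sum over a of f(a) * a^(q-1-j) for j >= 1, with 0^0 = 1."""
    q = len(table)
    coeffs = [0] * q
    coeffs[0] = table[0]
    for a in range(q):
        p = 1  # running power a^e
        for e in range(q - 1):  # e = 0..q-2 feeds coefficient index q-1-e
            coeffs[q - 1 - e] ^= gf_mul(table[a], p)
            p = gf_mul(p, a)
    return coeffs

def evaluate(coeffs, x):
    """Horner evaluation of the polynomial at x in GF(2^8)."""
    r = 0
    for c in reversed(coeffs):
        r = gf_mul(r, x) ^ c
    return r

def sparse_terms(coeffs):
    """Map exponent -> coefficient for the nonzero terms only."""
    return {j: c for j, c in enumerate(coeffs) if c}

if __name__ == "__main__":
    for exp, c in sorted(sparse_terms(interpolate(aes_sbox())).items()):
        print(f"0x{c:02x} * x^{exp}")
```

Only 9 of the 256 possible coefficients are nonzero, at exponents 255 - 2^i plus the constant term, because the S-box composes the power map x^254 with a GF(2)-affine map.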

Degree

Ph.D.

Advisors

Walther, Purdue University.

Subject Area

Computer Engineering
