A 0 then, for each candidate subkey k, do: compute d = F k (X) ? F k (X ? ),
of statistical attacks is quite different from the attacks seen so far, since it comes under the study of the nonlinearity properties of the cipher. 7.2 Vectorial functions on ?(0) In order to evaluate the differentiability of a power function $F_d(x) = x^d$ defined over the field $\mathbb{F}_{2^n}$, we can begin by studying the particular case of certain values of ?(b) In particular, we are interested in the particular case where b = 0,
Let s be such that ?(F ) = 2 s . These permutations exist if and only if p divides either (2 s?2 ? 1) or (3 · 2 s?2 ? 1). More precisely, we have: ? for all p = 5, ?(F ) = 8 ; ? for all p ? {3, 11}, ?(F ) = 16 ; ? for all p ? {7, 23}, ?(F ) = 32 ; ? for all p ? {3,
1.2.3 Substitution-permutation ciphers
2.1.4 How to recover information about
6.2.1 Simple random variables
6.2.2 Distribution of simple random variables
8.4.2 The quadratic exponent