, A 0 alors Pour chaque sous clé candidate k faire Calculer d = F k (X) ? F k (X ? )
, des attaques statistiques est assez différente des attaques vues jusqu'ici, puisque qu'elle relève de l'étude des propriétés de non linéarité du système de chiffrement. 7.2 Fonctions vectorielles sur ?(0) Dans le but d'évaluer la différentiabilité d'une fonction puissance F d (x) = x d définie sur le corps F 2 n , nous pouvons commencer par étudier le cas particulier de certaines valeurs de ?(b) En particulier nous nous intéressons au cas particulier où b = 0
, Soit s tel que ?(F ) = 2 s . Ces permutations existent si et seulement si p divise soit (2 s?2 ? 1) soit (3 · 2 s?2 ? 1) Plus précisément, on a que ? pour tout p = 5, ?(F ) = 8 ; ? pour tout p ? {3, 11}, ?(F ) = 16 ; ? pour tout p ? {7, 23}, ?(F ) = 32 ; ? pour tout p ? {3, pp.47-64
, Cryptanalysis of ARMADILLO2, Asiacrypt 2011, pp.308-326, 2011.
, Algebraic Techniques in Differential Cryptanalysis, Lecture Notes in Computer Science, vol.5665, pp.193-208, 2009.
DOI : 10.1007/978-3-642-03317-9_12
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.215.3546
, New Features of Latin Dances : Analysis of Salsa, ChaCha, and Rumba Tutorial on large deviations for the binomial distribution Camellia : A 128-Bit Block Cipher Suitable for Multiple Platforms -Design and Analysis, Fast Software Encryption Selected Areas in Cryptography, pp.470-488125, 1989.
, Zero-sum distinguishers for reduced Keccak-f and for the core functions of Luffa and Hamsi, Presented at the rump session of Cryptographic Hardware and Embedded Systems -CHES 2009, 2000.
, Handbook of mathematical functions Classifying 8-Bit to 8-Bit S-Boxes Based on Power Mappings from the Point of DDT and LAT Distributions, Arithmetic of Finite Fields, pp.123-133, 1964.
, Cryptanalysis of Skipjack Reduced to 31 Rounds Using Impossible Differentials, EUROCRYPT '99 Selected Areas in Cryptography , SAC 2010BCC10a] Céline Blondeau Proceedings of the 2010 IEEE International Symposium on Information Theory, ISIT 10, pp.12-23, 1999.
DOI : 10.1007/3-540-48910-X_2
, Differential properties of power functions, International Journal of Information and Coding Theory, vol.1, issue.2, pp.149-170, 2010.
DOI : 10.1504/IJICOT.2010.032132
URL : https://hal.archives-ouvertes.fr/hal-00610114
, Differential Properties of x ? x 2 t ?1, IEEE Trans. Inform. Theory, vol.57, 2011.
URL : https://hal.archives-ouvertes.fr/hal-00610099
, Anne Canteaut, Pascale Charpin, and Yann Laigle- Chapuy. On Almost Perfect Nonlinear Functions Over
, Two Classes of Quadratic APN Binomials Inequivalent to Power Functions, IEEE Transactions on Information Theory, vol.54, issue.9, pp.4160-41704218, 2006.
DOI : 10.1109/TIT.2008.928275
, On Multiple Linear Approximations, Advances in Cryptology -CRYPTO 2004, pp.1-22, 2004.
DOI : 10.1007/978-3-540-28628-8_1
, On Almost Perfect Nonlinear Permutations, EUROCRYPT-93, pp.65-76, 1993.
DOI : 10.1007/3-540-48285-7_7
, Enhancing Differential-Linear Cryptanalysis, ASIACRYPT '02, pp.254-266, 2002.
DOI : 10.1007/3-540-36178-2_16
, Key Recovery Attacks of Practical Complexity on AES-256 Variants with up to 10 Rounds, Advances in Cryptology -EUROCRYPT 2010, pp.299-319, 2010.
DOI : 10.1007/978-3-642-13190-5_15
, An APN permutation in dimension six, Finite Fields : theory and applications, pp.33-42, 2010.
DOI : 10.1090/conm/518/10194
, Impossible Differential Cryptanalysis of Safer++, Proceedings of the 2008 International Conference on Security & Management, pp.10-14, 2008.
, On MISTY1 Higher Order Differential Cryptanalysis, Lecture Notes in Computer Science, pp.22-36, 2000.
DOI : 10.1007/3-540-45247-8_3
, On the Data Complexity of Statistical Attacks Against Block Ciphers, 2009.
URL : https://hal.archives-ouvertes.fr/hal-00610110
, On the Data Complexity of Statistical Attacks Against Block Ciphers, pp.469-488, 2009.
URL : https://hal.archives-ouvertes.fr/hal-00610110
, Links Between Theoretical and Effective Differential Probabilities : Experiments on PRESENT, TOOLS'10, 2010.
, Multiple Differential Cryptanalysis: Theory and Practice, Fast Software Encryption, FSE 2011, pp.35-54
DOI : 10.1007/978-3-540-71039-4_23
URL : https://hal.archives-ouvertes.fr/hal-00610107
, Accurate estimates of the data complexity and success probability for various cryptanalyses. Designs , Codes and Cryptography, pp.3-34, 2011.
URL : https://hal.archives-ouvertes.fr/hal-00610101
, New types of cryptanalytic attacks using related keys, pp.229-246, 1994.
, The Boomerang Attack on 5 and 6-Round Reduced AES, Hans Dobbertin, Vincent Rijmen, and Aleksandra Sowa Advanced Encryption Standard -AES, 4th International Conference, pp.11-15, 2004.
DOI : 10.1007/11506447_2
, How Far Can We Go Beyond Linear Cryptanalysis?, ASIACRYPT '04, pp.432-450, 2004.
DOI : 10.1007/978-3-540-30539-2_31
, PRESENT: An Ultra-Lightweight Block Cipher, Cryptographic Hardware and Embedded Systems -CHES 2007, pp.450-466, 2007.
DOI : 10.1007/978-3-540-74735-2_31
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.122.2536
, On the classification of APN functions up to dimension five, Designs, Codes and Cryptography, vol.2, issue.1-3, pp.273-288, 2008.
DOI : 10.1007/s10623-008-9194-6
, A highly nonlinear differentially 4 uniform power mapping that permutes fields of even degree. Finite Fields and Their Applications, pp.231-242, 2010.
, On the solution of algebraic equations over finite fields, Information and Control, vol.10, issue.6, pp.553-564, 1967.
DOI : 10.1016/S0019-9958(67)91016-9
, Differential Cryptanalysis of DES-like Cryptosystems, Lecture Notes in Computer Science, vol.537, pp.2-21, 1990.
DOI : 10.1007/3-540-38424-3_1
, Differential cryptanalysis of DES-like cryptosystems, Journal of Cryptology, vol.36, issue.4, pp.3-72, 1991.
DOI : 10.1007/BF00630563
, Differential Cryptanalysis of the Full 16-round DES, CRYPTO'92, pp.487-496, 1993.
DOI : 10.1007/3-540-48071-4_34
, The Complexity of Distinguishing Distributions (Invited Talk), ICITS, pp.210-222, 2008.
DOI : 10.1007/978-3-540-85093-9_20
, Analyse et conception de chiffrements à clef secrète Habilitation à diriger des recherches, Car69] Leonard. Carlitz. Kloosterman sums and finite field extensions, pp.179-183, 1969.
, Propagation Characteristics and Correlation-Immunity of Highly Nonlinear Boolean Functions, Advances in Cryptology -EUROCRYPT'2000, pp.507-522, 2000.
DOI : 10.1007/3-540-45539-6_36
, On cryptographic properties of the cosets of R(1, m), IEEE Transactions on Information Theory, vol.47, issue.4, pp.1494-1513, 2001.
DOI : 10.1109/18.923730
, Binary m-sequences with three-valued crosscorrelation: a proof of Welch's conjecture, IEEE Transactions on Information Theory, vol.46, issue.1, pp.4-8, 2000.
DOI : 10.1109/18.817504
, Codes, Bent Functions and Permutations Suitable For DES-likeCryptosystems. Designs, Codes and Cryptography Some new 3-valued crosscorrelation functions of binary m-sequences, CD96] Thomas Cusick and Hans Dobbertin, pp.125-1561238, 1996.
, Finding nonnormal bent functions, Discrete Applied Mathematics, vol.154, issue.2, pp.202-218, 2006.
DOI : 10.1016/j.dam.2005.03.027
URL : http://doi.org/10.1016/j.dam.2005.03.027
, Normal Boolean functions, Journal of Complexity, vol.20, issue.2-3, pp.245-265, 2004.
DOI : 10.1016/j.jco.2003.08.010
, A new technique for multidimensional linear cryptanalysis with applications on reduced round serpent, Information Security and Cryptology -ICISC 2008, pp.383-398, 2008.
, Linear Cryptanalysis of Reduced-Round PRESENT, Topics in Cryptology -CT-RSA 2010, pp.302-317, 2010.
, Propagation characteristics of x -1 and Kloosterman sums. Finite Fields and Their Applications, pp.366-381, 2007.
, Improved Impossible Differential Cryptanalysis of Rijndael and Crypton, ICISC, volume 2288 of Lecture Notes in Computer Science, pp.39-49, 2001.
, A Statistical Saturation Attack against the Block Cipher PRESENT, CT-RSA-2009, pp.195-210, 2009.
DOI : 10.1007/978-3-540-68164-9_4
, Information theory, 1991.
URL : https://hal.archives-ouvertes.fr/hal-00756546
, Links between differential and linear cryptanalysis, Advances in Cryptology -EUROCRYPT'94, pp.356-365, 1995.
DOI : 10.1007/BFb0053450
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.30.4694
, Degree of Composition of Highly Nonlinear Functions and Applications to Higher Order Differential Cryptanalysis, Advances in Cryptology -EUROCRYPT 2002, pp.518-533, 2002.
DOI : 10.1007/3-540-46035-7_34
, A New Criterion for Nonlinearity of Block Ciphers, IEEE Transactions on Information Theory, vol.53, issue.11, pp.3944-3957, 2007.
DOI : 10.1109/TIT.2007.907341
, The block cipher Square, Fast Software Encryption, FSE'97, pp.149-165, 1997.
DOI : 10.1007/BFb0052343
, Wiley series in Probability Theory, Nagaraja. Order Statistics, 2003.
, One-to-One Highly Nonlinear Power Functions on GF(2 n ), Applicable Algebra in Engineering, Communication and Computing, vol.9, issue.2
DOI : 10.1007/s002000050099
, Almost Perfect Nonlinear Power Functions on GF(2n): The Niho Case, Information and Computation, vol.151, issue.1-2, pp.57-72, 1999.
DOI : 10.1006/inco.1998.2764
, Almost perfect nonlinear power functions on GF(2/sup n/): the Welch case, IEEE Transactions on Information Theory, vol.45, issue.4, pp.1271-1275, 1999.
DOI : 10.1109/18.761283
, Almost Perfect Nonlinear Power Functions on GF(2 n ): A New Case for n Divisible by 5, Proceedings of Finite Fields and Applications Fq5, pp.113-121, 2000.
DOI : 10.1007/978-3-642-56755-1_11
, AES proposal : the Rijndael block cipher, 1999.
, Probability distributions of correlation and differentials in block ciphers, Journal of Mathematical Cryptology, vol.1, issue.3, 2005.
DOI : 10.1515/JMC.2007.011
, Information Theory and Reliable Communication Golomb and Guang Gong. Periodic binary sequences with the trinomial property Transform domain analysis of DES, IEEE Trans. Inform. Theory IEEE Trans. Inform. Theory, vol.45, issue.46, pp.1276-1279, 1968.
, Cryptanalyse statistique des algorithmes de chiffrement et sécurité des schémas d'authentification, Thèse de doctorat, 1997.
, Theory of transformation groups of polynomials over GF (2) with applications to linear shift register sequences Multidimensional Extension of Matsui's Algorithm 2 Dependent Linear Approximations : The Algorithm of Biryukov and Others Revisited The Cryptographers, Her05] D. Hertel. A Note on the Kasami Power Function Topics in Cryptology -CT-RSA 2010, pp.87-109, 1968.
, Two results on maximum nonlinear functions, Designs, Codes and Cryptography, vol.44, issue.1-3, pp.225-235, 2008.
DOI : 10.1007/s10623-007-9124-z
, A proof of the Welch and Niho conjectures on crosscorrelations of binary m-sequences. Finite Fields and their Applications, pp.253-286, 2001.
, Hash Functions and the (Amplified) Boomerang Attack, Lecture Notes in Computer Science, vol.4622, pp.244-263, 2007.
DOI : 10.1007/978-3-540-74143-5_14
, Linear cryptanalysis using multiple approximations Advances in Cryptology -CRYPTO-1994, Lecture Notes in Computer Science, vol.839, pp.26-39, 1994.
, On the Complexity of Matsui???s Attack, SAC '01, pp.199-211, 2001.
DOI : 10.1007/3-540-45537-X_16
, On the Optimality of Linear, Differential, and Sequential Distinguishers, EUROCRYPT '03, pp.17-32, 2003.
DOI : 10.1007/3-540-39200-9_2
, Optimal Key Ranking Procedures in a Statistical Cryptanalysis, Fast Software Encryption , FSE 2003, pp.235-246, 2003.
DOI : 10.1007/978-3-540-39887-5_18
, Hyperplane sections of fermat varieties in P 3 in char. 2 and some applications to cyclic codes
DOI : 10.1007/3-540-56686-4_43
, Applied Algebra, Algebraic Algorithms and Error-Correcting Codes, AAECC-10, Lecture Notes in Computer Science, vol.673, pp.180-194, 1993.
, The weight enumerators for several classes of subcodes of the 2nd order binary Reed-Muller codes, Information and Control, vol.18, issue.4, pp.369-394, 1971.
DOI : 10.1016/S0019-9958(71)90473-6
, Truncated differentials of SAFER, Fast Software Encryption, pp.15-26, 1996.
DOI : 10.1007/3-540-60865-6_38
, Truncated and higher order differentials, Fast Software Encryption, FSE'94 Advances in cryptology -ASIACRYPT 2007, pp.196-211, 1995.
DOI : 10.1007/3-540-60590-8_16
, Truncated Differentials and Skipjack, CRYPTO 99 Fast Software Encryption -FSE 2002Lai94] Xuejia Lai. Higher order derivatives and differential cryptanalysis. In Symposium on communication, Coding and cryptography, pp.165-180, 1994.
DOI : 10.1007/3-540-48405-1_11
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.115.623
, Small scale variants of the block cipher PRESENT. Cryptology ePrint Archive, Report, vol.143, 2010.
, On Linear Hulls, Statistical Saturation Attacks, PRESENT and a Cryptanalysis of PUFFIN, Advances in Cryptology -EUROCRYPT 2011, pp.303-322, 2011.
DOI : 10.1007/978-3-642-20465-4_18
, Truncated Differential Cryptanalysis of Camellia, Advances in Cryptology -CRYPTO '94 Information Security and Cryptology ? ICISC 2001LM91] Xuejia Lai and James L. Massey. Markov Ciphers and Differentail Cryptanalysis EUROCRYPT-91, Lecture Notes in Computer Science, pp.17-25, 1991.
DOI : 10.1007/3-540-45861-1_3
, On the Classification of 4 Bit S-Boxes, Proceedings of the 1st international workshop on Arithmetic of Finite Fields, pp.159-176, 2007.
DOI : 10.1007/978-3-540-73074-3_13
, The Saturation Attack ??? A Bait for Twofish, Fast Software Encryption, FSE-2001Mat93] Mitsuru Matsui EURO- CRYPT '93, pp.1-15, 1993.
DOI : 10.1007/3-540-45473-X_1
, The First Experimental Cryptanalysis of the Data Encryption Standard, CRYPTO '94Mat97] Mitsuru Matsui. New Block Encryption Algorithm MISTY. In Fast Software Encryption -FSE 1997, pp.1-11, 1994.
DOI : 10.1007/3-540-48658-5_1
, Finite Fields for Computer Scientists and Engineers, 1987.
DOI : 10.1007/978-1-4613-1983-2
, Stochastic Cryptanalysis of Crypton, Fast Software Encryption, pp.121-133, 1978.
DOI : 10.1007/3-540-44706-7_9
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.85.1202
, Preuves d'Analyse et de Sécurité en Cryptologie à clé Secrète
, Security of E2 against Truncated Differential Cryptanalysis, Selected Areas in Cryptography, SAC'99, pp.106-117, 1999.
DOI : 10.1007/3-540-46513-8_8
, New impossible differential attacks on reduced-round Crypton, Fast Software Encryption, FSE '99, pp.222-227, 2010.
DOI : 10.1016/j.csi.2009.11.011
, Upper bounds on algebraic immunity of boolean power functions Algebraic immunity of S-boxes based on power mappings : analysis and construction Provable security against differential cryptanalysis, Fast Software Encryption Advances in Cryptology BIBLIOGRAPHIE -CRYPTO '92, pp.375-3894263, 1992.
, Linear (Hull) and Algebraic Cryptanalysis of the Block Cipher PRESENT [Nyb91] Kaisa Nyberg. Perfect nonlinear S-boxes Differentially uniform mappings for cryptography, Cryptology and Network Security, CANS 2009, Proceedings, volume 5888 of Lecture Notes in Computer Science Advances in Cryptology ? EU- ROCRYPT '91 of Book Series Lecture Notes in Computer Science Eurocrypt-93 Generalized Feistel Networks. In ASIACRYPT '96, pp.58-75, 1991.
, Weak Keys of Reduced-Round PRESENT for Linear Cryptanalysis, Selected Areas in Cryptography, pp.249-265, 2009.
DOI : 10.1007/978-3-642-05445-7_16
, Lightweight Block Ciphers Revisited: Cryptanalysis of Reduced Round PRESENT and HIGHT, Information Security and Privacy ProceedingsPSLL03] Sangwoo Park, Soo Hak Sung, Sangjin Lee, and Jongin Lim Fast Software Encryption,FSE 2003, pp.90-107, 2003.
DOI : 10.1007/s00145-005-0129-3
, Relationships among Differential, Truncated Differential, Impossible Differential Cryptanalyses against Word-Oriented Block Ciphers like RI- JNDAEL, E2 [Tez10] Cihangir Tezcan. The Improbable Differential Attack : Cryptanalysis of Reduced Round CLEFIA Strenght of MISTY1 without FL Function for Higher Order Differential Attack, Probability of Success in Linear and Differential Cryptanalysis AES Candidate Conference Progress in Cryptology -INDOCRYPT 2010 Applied Algebra , Algebraic Algorithms and Error-Correcting Codes, pp.131-147, 1999.
, Decorrelation: A Theory for Block Cipher Security, Journal of Cryptology, vol.16, issue.4, pp.249-286, 2003.
DOI : 10.1007/s00145-003-0220-6
, Critères de Sécurité des algorithmes de Chiffrement à Clé Secrète, Thèse de doctorat, 2005.
, The Boomerang Attack, Fast Software Encryption, 6th International Workshop, FSE '99, pp.156-170, 1999.
DOI : 10.1007/3-540-48519-8_12
, Differential Cryptanalysis of Reduced-Round PRESENT, Progress in Cryptology -AFRICACRYPT 2008, pp.40-49, 2008.
DOI : 10.1007/978-3-540-68164-9_4
, Bit-pattern based integral attack, Lecture Notes in Computer Science, vol.5086, pp.363-381, 2008.
, The criterion for global avalanche characterics of cryptographic functions, Journal of Universal Computer Science, vol.1, issue.5, pp.320-337, 1995.
, Plateaued functions. Information and Communication Security, ICICS'99, pp.224-300, 1999.
, 6 1.2.3 Chiffrement de type substitution-permutation
, 26 2.1.4 Comment retrouver de l'information sur
, 117 6.2.1 Les variables aléatoires simples 117 6.2.2 Distribution des variables aléatoires simples
, 170 8.4.2 L'exposant quadratique, p.174