学术文献库

Differential cryptanalysis famously uses statistical biases in the propagation of differences in a block cipher to attack the cipher. In this paper, we investigate the existence of more general statistical biases in the differences. To this end, we discuss the $c$-differential uniformity of S-boxes, which is a concept that was recently introduced in Ellingsen et. al. to measure certain statistical biases that could potentially be used in attacks similar to differential attacks. Firstly, we prove that a large class of potential candidates for S-boxes necessarily has large $c$-differential uniformity for all but at most $B$ choices of $c$, where $B$ is a constant independent of the size of the finite field $q$. This result implies that for a large class of functions, certain statistical differential biases are inevitable. In a second part, we discuss the practical possibility of designing a differential attack based on weaknesses of S-boxes related to their $c$-differential uniformity.