sboxUv2.statistics package

This module provides tools to study the “statistical” properties of vectorial Boolean functions.

“Statistical” should be understood in the sense of “statistical cryptanalysis”, i.e., differential and linear attacks along with all of their variants (boomerang, etc). In practice, this module provides functions that compute the main tables: DDT, LAT, BCT (as well as others), and tools to make sense of their content.

When possible the functions are multi-threaded. In particular, computing “spectra” (i.e., the number of occurrences of the coefficients in a table) is not done by first generating the full table and then counting; instead, rows are generated in parallel, which saves space and increases speed.

Submodules

sboxUv2.statistics.anomalies module

It is possible to investigate to define and to compute the probability that a given S-box is “at least as good” or “at least as bad” as a random permutation or function, as explained in [AC:BonPerTia19].

This reasoning is based on the probabilities for the DDT and LAT given in [JMC:DaeRij07], while the probabilities from the BCT are from [AC:BonPerTia19].

sboxUv2.statistics.anomalies.bct_coeff_probability(in_length, out_length, c, precision=80)[source]

Returns the probability that a coefficient of the BCT of an S-Box mapping m bits to n is equal to c.

This probability is only defined for permutations. Thus, an error is raised if m != n.

sboxUv2.statistics.anomalies.ddt_coeff_probability(in_length, out_length, c, precision=80)[source]

Returns the probability that a coefficient of the DDT of a S-Box mapping in_length bits to out_length is equal to c.

This probability is identical for a random permutation and a random non-bijective function.

Ref: [JMC:DaeRij07]

sboxUv2.statistics.anomalies.expected_max_ddt(m, n)[source]

sboxUv2.statistics.anomalies.expected_max_lat(in_length, out_length)[source]

sboxUv2.statistics.anomalies.expected_max_lat_function(m, n)[source]

sboxUv2.statistics.anomalies.get_proba_func(s, table)[source]

sboxUv2.statistics.anomalies.lat_coeff_probability_function(in_length, out_length, c, precision=80)[source]

Returns the probability that a coefficient of the Walsh spectrum of a random function mapping m bits to n is equal, in absolute value, to c.

If m != n, raises an error.

sboxUv2.statistics.anomalies.lat_coeff_probability_permutation(in_length, out_length, c, precision=80)[source]

Returns the probability that a coefficient of the Walsh spectrum of a random bijective permutation mapping m bits to n is equal, in absolute value, to c.

If m != n, raises an error.

sboxUv2.statistics.anomalies.probability_of_max_and_occurrences(in_length, out_length, v_max, occurrences, proba_func, precision=80)[source]: Returns the logarithm in base 2 of the probability that $(2^m-1)(2^n-1)$ trials of an experiment yielding output c with probability proba_func(m, n, c) will have a result equal to v_max at most occurrences times and be strictly smaller on all other trials.

sboxUv2.statistics.anomalies.table_anomaly(s, table, spec=None, precision=80)[source]

Computes the positive anomaly (in the sense of [AC:BonPerTia19]) of the S_box s that corresponds to its DDT, LAT or BCT.

Parameters:

s (-) – the S_boxable object you want the anomaly of.
table (-) – the name of the table for which the anomaly must be computed. Must be either “DDT”, “LAT” or “BCT”.

sboxUv2.statistics.anomalies.table_negative_anomaly(s, table, spec=None, precision=80)[source]

Computes the negative anomaly (in the sense of [AC:BonPerTia19]) of the S_box s that corresponds to its DDT, LAT or BCT.

Parameters:

s (-) – the S_boxable object you want the anomaly of.
table (-) – the name of the table for which the anomaly must be computed. Must be either “DDT”, “LAT” or “BCT”.

sboxUv2.statistics.cython_functions module

sboxUv2.statistics.cython_functions.absolute_walsh_spectrum(s)

sboxUv2.statistics.cython_functions.bct(s)

sboxUv2.statistics.cython_functions.boomerang_spectrum(s)

sboxUv2.statistics.cython_functions.boomerang_uniformity(s)

sboxUv2.statistics.cython_functions.ddt(s)

sboxUv2.statistics.cython_functions.differential_spectrum(s)

sboxUv2.statistics.cython_functions.differential_uniformity(s)

sboxUv2.statistics.cython_functions.fbct(s)

sboxUv2.statistics.cython_functions.fbct_spectrum(s)

sboxUv2.statistics.cython_functions.invert_lat(l)

sboxUv2.statistics.cython_functions.is_differential_uniformity_smaller_than(s, u)

sboxUv2.statistics.cython_functions.lat(s)

sboxUv2.statistics.cython_functions.linearity(s)

sboxUv2.statistics.cython_functions.walsh_spectrum(s)

sboxUv2.statistics.cython_functions.walsh_transform(s)