sboxUv2.ccz package

This module contains tools to test forms of equivalence that are particular cases of CCZ-equivalence, including CCZ-equivalence itself.

Subpackages

• sboxUv2.ccz.affine_equivalence package
  • Submodules
  • sboxUv2.ccz.affine_equivalence.cython_functions module
    • affine_equivalence()
    • affine_equivalence_permutations()
    • le_class_representative()
    • linear_equivalence()
    • linear_equivalence_permutations()
    • xor_equivalence()

Submodules

sboxUv2.ccz.cython_functions module

sboxUv2.ccz.cython_functions.EA_mapping(A, B, C)

Assume that A and B are full-rank linear applications, and C another (maybe not-full rank) linear application. Given a function F, these can be used to define G as an extended affine equivalent function of F. This function helps expressing the relationship between F and G in terms of graph.

Parameters:

• A – a BinLinearMap-able object corresponding to a full rank linear application.

• B – a BinLinearMap-able object corresponding to a full rank linear application.

• C – a BinLinearMap-able object.

Returns:

A BinLinearMap corresponding to the linear permutation that must be applied to the graph of a function F in order to obtain the graph of the function B*F*A + C.

class sboxUv2.ccz.cython_functions.WalshZeroesSpaces

Bases: object

get_bases(self) → list

get_mappings(self)

image_by(self, L)

init_mappings(self)

thickness_spectrum(self)

sboxUv2.ccz.cython_functions.affine_equivalences(sbox1, sbox2, single_non_trivial_answer=False, n_threads=MAX_N_THREADS)

sboxUv2.ccz.cython_functions.are_affine_equivalent(sbox1, sbox2, n_threads=MAX_N_THREADS)

sboxUv2.ccz.cython_functions.are_ccz_equivalent(sbox1, sbox2, n_threads=MAX_N_THREADS)

sboxUv2.ccz.cython_functions.are_cczl_equivalent(sbox1, sbox2, n_threads=MAX_N_THREADS)

sboxUv2.ccz.cython_functions.are_ea_equivalent(sbox1, sbox2, n_threads=MAX_N_THREADS)

sboxUv2.ccz.cython_functions.are_el_equivalent(sbox1, sbox2, n_threads=MAX_N_THREADS)

sboxUv2.ccz.cython_functions.are_linear_equivalent(sbox1, sbox2, n_threads=MAX_N_THREADS)

sboxUv2.ccz.cython_functions.ccz_block_decomposition(blm)

Decompose a 2n x 2n matrix (BinLinearMap) into the 4 corresponding n x n matrices (returned as BinLinearMap).

sboxUv2.ccz.cython_functions.ccz_equivalences(sbox1, sbox2, single_non_trivial_answer=False, n_threads=MAX_N_THREADS)

sboxUv2.ccz.cython_functions.ccz_equivalent_function(s, L)

Applies a linear permutation to the graph of a function, and returns the function whose graph is the result. Assumes that the linear permutation is admissible. If not, returns an empty S-box.

Parameters:

• s – an S_box-able object

• L – a BinLinearMap-able object

Returns:

If L is indeed admissible for s, then returns an S_box instance corresponding to the function whose graph is the image of that of s by L. Otherwise, returns an empty S_box.

sboxUv2.ccz.cython_functions.cczl_equivalences(sbox1, sbox2, single_non_trivial_answer=False, n_threads=MAX_N_THREADS)

sboxUv2.ccz.cython_functions.ea_equivalences(sbox1, sbox2, single_non_trivial_answer=False, n_threads=MAX_N_THREADS)

sboxUv2.ccz.cython_functions.el_equivalences(sbox1, sbox2, single_non_trivial_answer=False, n_threads=MAX_N_THREADS)

sboxUv2.ccz.cython_functions.enumerate_ea_classes(s)

sboxUv2.ccz.cython_functions.equivalences_from_lat(sbox1, sbox2, single_non_trivial_answer=False, equivalence_type='linear', n_threads=MAX_N_THREADS)

Computes all equivalence relations between two functions F, G, from their linear approximation tables (LAT).

single_non_trivial_answer (bool) : Determines whether the search should stop when at the first automorphism that is encountered. number_of_threads (int): The number of threads to use. By default, it is set to 8. equivalence_type (string): Determines the type of the searched automorphisms. If “linear”, search for all pairs of linear bijections (A, B) satisfying B o F o A = F. If “extended-search”, search for all (A, B, C) linear with A, B bijective satisfying B o F o A + C = F. If “ccz-linear”, search for all linear bijection A such that A(graph(F)) = graph(G).

Returns:

A list of pairs of BinLinearMaps corresponding to all pairs of linear bijections (A, B) satisfying B o F o A = F.

Return type:

list

sboxUv2.ccz.cython_functions.get_WalshZeroesSpaces(s, n_threads=MAX_N_THREADS)

sboxUv2.ccz.cython_functions.linear_equivalences(sbox1, sbox2, single_non_trivial_answer=False, n_threads=MAX_N_THREADS)

sboxUv2.ccz.cython_functions.thickness_spectrum(s, spaces=None)

Computes the thickness spectrum of the S_boxable object s.

The thickness spectrum was introduced in [FFA:CanPer19] and is an extended-affine equivalence class invariant. Its computation requires the knowledge of the vector spaces of a specific dimension contained in the so-called Walsh zeroes of the function, meaning that this function relies on the vector space search algorithm from [AC:BonPerTia19].

Parameters:

• s (-) – an S_boxable object.

• spaces (-) – if the Walsh zeroes of s are already known, then it is possible to pass the corresponding WalshZeroesSpaces object as a facultative argument to avoid recomputing it.

Returns:

A Spectrum instance such where the entry with key k is the number of spaces of dimension s.get_input_length() contained in the Walsh zeroes of s that have an intersection with V that is of dimension k.

sboxUv2.ccz.cython_functions.up_to_constant_equivalences(sbox1, sbox2, single_non_trivial_answer=False, equivalence_type='linear', n_threads=MAX_N_THREADS)

sboxUv2.ccz.cython_functions.verify_up_to_constant_equivalence(sbox1, sbox2, L, a, equivalence_type)

Verify whether sbox1 and sbox2 are indeed equivalent given an affine mapping x mapsto Lx + a.

sboxUv2.ccz.equivalences_from_code module

sboxUv2.ccz.equivalences_from_code.are_ccz_equivalent_from_code(f, g)

sboxUv2.ccz.equivalences_from_code.are_code_equivalent(f, g, equivalence='CCZ')

sboxUv2.ccz.equivalences_from_code.are_ea_equivalent_from_code(f, g)

sboxUv2.ccz.equivalences_from_code.ccz_matrix(lut)

sboxUv2.ccz.equivalences_from_code.ea_matrix(lut)

sboxUv2.ccz.tu_decompositions module

class sboxUv2.ccz.tu_decompositions.TUdecomposition(A=None, B=None, C=None, T=None, U=None, U_prime=None, m=None)

Bases: object

Stores the TU_t decomposition of a function.

core()

get_S_box()

Returnis the lookup table of the permutation whose TU-decomposition is stored.

insert_after_T(alpha)

Returns a new TUdecomposition that is functionally equivalent, but where the linear permutation alpha is applied on the t-bit branch on which the T block is a permutation after it is called.

insert_after_U(alpha)

Returns a new TUdecomposition that is functionally equivalent, but where the linear permutation alpha is applied on the (m-t)-bit branch on which the U block is applied, after it is called.

insert_before_T(alpha)

Returns a new TUdecomposition that is functionally equivalent, but where the linear permutation alpha is applied on the t-bit branch on which the T block is a permutation before it is called.

insert_before_U(alpha)

Returns a new TUdecomposition that is functionally equivalent, but where the linear permutation alpha is applied on the (n-t)-bit branch on which the U block is a applied, before it is called.

twist()

sboxUv2.ccz.tu_decompositions.get_tu_decompositions(s, walsh_zeroes=None)

sboxUv2.ccz.tu_decompositions.swap_Blm(t, n, m)

sboxUv2.ccz.tu_decompositions.thickness(basis, n)

sboxUv2.ccz.tu_decompositions.tu_decomposition_from_space_basis(s, basis, n, m)

Using the knowledge that v is a subspace of Z_s of dimension n, a TU-decomposition (as defined in [Perrin17]) of s is performed and the corresponding TUdecomposition instance is returned.