| Christina Boura |  |
 |
Date de l'exposé : 27 janvier 2012
New bounds on the algebraic degree of iterated permutations
We present a study on the algebraic degree of iterated permutations seen as multivariate polynomials. Such +constructions are in the heart of many modern symmetric primitives, including block ciphers and hash functions. The estimation +of this degree is of major importance, as functions with a low degree are vulnerable to many attacks, for instance higher-order +differential, algebraic or cube attacks. We derive a new bound on the degree of iterated permutations, composed of parallel +applications of a number of balanced Sboxes. In a more general case, we show that the degree of the iterated primitive depends +on the algebraic degree of the inverse of the permutation which is iterated and we extract new bounds from this relation. The +above results permit us to establish structural distinguishers for many hash functions, candidates of the NIST SHA-3 +competition, such as Keccak, Luffa, ECHO and JH, and to a higher-degree variant of the KN block cipher.This is a joint work with Anne Canteaut and Christophe De Cannière.
