# A highly nonlinear differentially 4 uniform power mapping that permutes fields of even degree

Carl Bracken, Gregor Leander

Finite Fields and Their Applications Volume 16, Issue 4, July 2010, Pages 231–242

## Abstract

Functions with low differential uniformity can be used as the s-boxes of symmetric cryptosystems as they have good resistance to differential attacks. The AES (Advanced Encryption Standard) uses a differentially 4 uniform function called the inverse function. Any function used in a symmetric cryptosystem should be a permutation. Also, it is required that the function is highly nonlinear so that it is resistant to Matsui's linear attack. In this article we demonstrate that the highly nonlinear permutation f(x)=x^2*2k+k^2+1 on the field F^2 4k, discovered by Hans Dobbertin (1998) [1], has differential uniformity of four and hence, with respect to differential and linear cryptanalysis, is just as suitable for use in a symmetric cryptosystem as the inverse function. Its suitability with respect to other attacks remains to be seen.

[DOI] [bib]