THE INVERSION METHOD OF FOUR-BIT BOOLEAN SAC CRYPTOTRANSFORMS

Fedotova-Piven I. M. – PhD, Assistant Professor, Assistant Professor of the Department of Information Security and Computer Engineering, Cherkassy State Technological University, Cherkassy, Ukraine.
Rudnytskyi V. M. – Dr. Sc., Professor, Head of the Department of Information Security and Computer Engineering, Cherkassy State Technological University, Cherkassy, Ukraine.
Piven O. B. – PhD, Assistant Professor, Professor of the Department of Information Security and Computer Engineering, Cherkassy State Technological University, Cherkassy, Ukraine.
Myroniuk T. V. – PhD, Assistant Professor of the Department of Information Security and Computer Engineering, Cherkassy State Technological University, Cherkassy, Ukraine.


ABBREVIATIONS
BBF is a basic Boolean function; BF is a Boolean function; CA is a cryptographic algorithm; CT is a cryptographic transformation; DCT is a direct cryptographic transformation; FPBE is a Forward Problem of Boolean equations; HW is a Hamming weight; ICT is an inverse cryptographic transformation; IPBE is an Inverse Problem of Boolean equations; SAC is a strict avalanche criterion.

NOMENCLATURE
¬ is a sign of the Boolean operation inversion (complementation);
⊕ is a sign of the Boolean operation addition modulo 2 (XOR, exclusive OR);  (Table 1);
wt(f) is a Hamming weight of the Boolean function ) ,..., ( 1

INTRODUCTION
Nowadays, the number of users of the Internet and digital mobile networks (such as GSM) is more than 4 billion [1], and the amount of data transmitted is huge. Therefore, data security plays a crucially important role in this data transmission. One of the main ways to ensure the reliability and safety of information is to use effective methods of data encryption/decryption [2] with high cryptographic resilience. Today, computationally resilient cryptosystems generally protect information in a satisfactory way, but quantum computers, with computing power far beyond that of any classical computer [3][4][5], can solve many cryptanalysis tasks that cannot be solved by traditional computing systems. The issue of the cryptographic security of information security systems has become extremely acute with the advent of quantum computers.
BFs play a prominent role in the security of cryptosystems [6]. Their most important cryptographic applications include the analysis and design of S-boxes in block ciphers and the construction of filter/combining functions in stream ciphers [7]. Constructing optimal S-boxes has been a prominent topic of interest for security experts [8]. Also, each reversible BF can be implemented as a reversible circuit [9], whereas reversible circuits are indispensable in error correction [10,11].
The cryptoresistance of a broad class of CAs is determined by how well the bit-transform BFs implemented in these algorithms meet certain special criteria [12]. One such criterion is the SAC [12]: whenever a single input bit is complemented, each of the output bits changes with a probability of one half [13]. This is essential to diminish any correlation between input and output combinations and to avoid leaking information [14]. It also means that there is no function with fewer bits that is a good approximation to the given function and whose use would significantly reduce the amount of work required to decode the message [15]. That is why the design problem of the Boolean SAC-functions is topical and practically important [16].
The object of study is the process of constructing DCT and ICT of BFs defined by systems for the number of arguments 4 and more.
The subject of study is the methods of constructing ICTs of BFs by given DCTs of BFs that have the property of a SAC and contain only the operations of inversion and addition modulo two.
The purpose of the work is to create a method for obtaining inverse four-bit CTs with the SAC property, which contain balanced BFs only with the operations of inversion and addition modulo two, in order to increase the reliability of information protection systems. The method must be applicable to a larger even number of bits.

PROBLEM STATEMENT
It is important to study four-bit and eight-bit BFs in public key cryptography [17,18]. The formalized procedure for the construction of four-bit Boolean SAC-functions with the operations of inversion is proposed in [16]. But CTs with four-bit Boolean SAC-functions with the operations of inversion and addition modulo two are insufficiently investigated, and the problem remains relevant. B F r ∈ also must be the same.

REVIEW OF THE LITERATURE
The problem of finding the roots of a system of nonlinear BFs is analytically intractable and therefore provides the basis for many CAs [12]. The FPBE consists of finding all solutions of a system of Boolean equations, whereas the IPBE aims at reconstructing the mathematical formulae of the system of Boolean equations given the set of solutions. The FPBE has been extensively treated in the literature [19][20][21][22], while the inverse problem seems to have received little or no attention [23].
In papers [23][24][25][26], various methods for obtaining inverse Boolean functions with n inputs and 1 output are described for given direct Boolean functions with n inputs and 1 output, but inverse Boolean functions with n inputs and n outputs for given direct Boolean functions with n inputs and n outputs in these papers are not considered.
The paper [30] describes invertible Boolean functions of three variables. The papers [27,28] describe the properties of the Boolean function with n inputs and n outputs, but the concrete method or algorithm for obtaining the inverse Boolean functions with n inputs and n outputs for given direct Boolean functions with n inputs and n outputs is not given. Other publications containing a concrete algorithm for obtaining an ICT using a given DCT containing four or more Boolean functions with four or more Boolean variables and two or more different Boolean operations are unknown to the authors of this article.
The existing methods [23][24][25][26] of searching for inverse Boolean functions are methods for calculating each element of the BFs of the inverse Boolean functions for given direct Boolean functions, and this situation calls for the development of more effective methods for obtaining an ICT for a given DCT.

MATERIALS AND METHODS
,..., ( 1 for each i and hence for each )) ( ),..., As is known [28], a function is called reversible iff F is bijective, i.e., if each input pattern uniquely maps to an output pattern, and vice versa. Otherwise, it is called irreversible.
Let a DCT and ICT are Boolean multiple-output func- and an inverse set 1 of the DCT corresponds to the same set of the output values -the results of the operation (2):
To date, the problem of the total number of balanced Boolean SAC-functions determination for n variables remains open [16]. The search area of the roots of systems of Boolean equations may be decreased significantly by application of different expedients based on taking into account the special features of BFs constructing the system of nonlinear Boolean equations [12].
We will consider four-bit CTs that satisfy a SAC and are constructed using only Boolean operations of the inversion and addition modulo 2. To synthesize both DCT and ICT, we create a set of BBFs with such restrictions:
1) all the BBFs from Table 1 are balanced, because the HW of each of them is $2^3 = 8$, that is, a half of the number 16, the length of the vector of values of each BBF;
2) each BBF from Table 1 contains from one to four variables $x_1, \dots, x_4$, and the same variable is included only once in each BBF of the CT;
3) all the BBFs from Table 1 must have noncoinciding sets of values (see Table 2).
We will assume that the BBFs of an ICT will be selected from the same set of BBFs from Table 1 are not listed in Table 1, because they do not contain operations symbols over variables, that is, there is no explicitly indicated mathematical form of the function.
To construct ICTs that satisfy the SAC, we apply the following method that defines the BBFs of the ICT over the whole set of values at the input and output of the BBFs of DCT.
1. Let's create Table 2 (truth table) of the values of the BBFs from Table 1.
2. Let's create a Table 3 which contains only those BBFs that give the value of 0 for a given set of values $x_1, \dots, x_4$.
3. Let's create a Table 4 which contains only those BBFs that give the value of 1 for a given set of values $x_1, \dots, x_4$.
[Table column headers: the value of the function for each row; the functions from the set $\{f_1, f_2, \dots, f_{30}\}$ that give 1 as a result for the specified values $x_1, \dots, x_4$ for each row.]
Let's take a DCT with the property of the SAC, for example and we will find ICT r F 1 for this CT. To do this, create a , and in the right part of Table 5 the values of the four BBFs of the DCT. We take functions and their values from Table 2.   . As a result, we obtain Table 6.
It can be seen from It can be seen from This method provides the construction of ICTs for four variables and two logical operations (inversion and addition modulo 2), but can be extended to a larger even number of variables.
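The selection step described above, as an added Python example that is not the authors' code: it enumerates a set of 30 XOR/inversion BBFs over x1..x4 and, for a bijective DCT built from them, selects for each x_i the BBF from the same set that recovers x_i from the DCT outputs on all 16 rows. It assumes that the 30 BBFs are every XOR of one to four distinct variables, with or without inversion; the DCT below is constructed for illustration (the paper's CT (3) and Tables 1-6 are not reproduced), all function names are hypothetical, and the SAC property is not tested.

```python
from itertools import combinations, product

N = 4
ROWS = list(product((0, 1), repeat=N))  # all 16 input sets (x1, x2, x3, x4)

def build_bbfs():
    """XOR of 1..4 distinct variables, plain or inverted: 15 * 2 = 30 functions.
    A BBF is (indices, inv); inverting one operand of an XOR inverts the result,
    so a single inversion flag covers every placement of the inversion sign."""
    return [(idx, inv)
            for k in range(1, N + 1)
            for idx in combinations(range(N), k)
            for inv in (0, 1)]

def evaluate(bbf, bits):
    idx, inv = bbf
    value = inv
    for i in idx:
        value ^= bits[i]
    return value

def truth_vector(bbf):
    return tuple(evaluate(bbf, row) for row in ROWS)

def apply_ct(ct, bits):
    return tuple(evaluate(f, bits) for f in ct)

def invert_by_selection(dct, bbfs):
    """For each x_i select the BBF g from the set with g(F(x)) == x_i on all rows."""
    images = [apply_ct(dct, row) for row in ROWS]
    if len(set(images)) != len(ROWS):
        raise ValueError("DCT is not bijective, so no ICT exists")
    ict = []
    for i in range(N):
        wanted = tuple(row[i] for row in ROWS)
        hits = [g for g in bbfs if tuple(evaluate(g, y) for y in images) == wanted]
        if len(hits) != 1:
            raise ValueError(f"no unique BBF in the set recovers x{i + 1}")
        ict.append(hits[0])
    return ict

# Constructed DCT (an assumption, not the paper's CT (3)):
# y1 = x1 ⊕ x2, y2 = ¬(x2 ⊕ x3), y3 = x3 ⊕ x4, y4 = ¬x4
DCT = [((0, 1), 0), ((1, 2), 1), ((2, 3), 0), ((3,), 1)]
BBFS = build_bbfs()
ICT = invert_by_selection(DCT, BBFS)

if __name__ == "__main__":
    assert all(sum(truth_vector(f)) == 8 for f in BBFS)       # restriction 1
    assert len({truth_vector(f) for f in BBFS}) == 30          # restriction 3
    assert all(apply_ct(ICT, apply_ct(DCT, r)) == r for r in ROWS)
    print(ICT)
```

For this constructed DCT the selected ICT reads x1 = y1 ⊕ y2 ⊕ y3 ⊕ y4, x2 = y2 ⊕ y3 ⊕ y4, x3 = ¬(y3 ⊕ y4), x4 = ¬y4, where y1..y4 are the DCT outputs.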

EXPERIMENTS
We prove that the resulting CT (4) is indeed the inverse of the CT (3).

RESULTS
The results of the construction by this method of two CTs are given in Table 11.

DISCUSSION
The existing methods of searching for an ICT are methods for calculating each element of the BBFs of the ICT, whereas the method we propose is a method of choosing existing BBFs from a predetermined set of BBFs for a DCT and an ICT. The method can be extended to a larger even number of bits.
This method can be used to obtain other ICTs, given DCTs that have the property of SAC and for which there is an ICT.
To date, in the general case, the total number of balanced BFs of any number of variables with different sets of logical operations on these variables and having the property of a SAC remains unknown [16]. Therefore, the problem of finding systems of balanced BFs with an even number of variables greater than four for different sets of logical operations and having the property of SAC is a separate important scientific problem that goes beyond the scope of this article.
The article [23] presents methods that handle the inverse problem for the main types of solutions of Boolean equations of the form $f(X) = 0$, where $f(X): B^n \to B$ and B is an arbitrary Boolean algebra. The methods [23] are a mixture of purely-algebraic methods and map methods that utilize the variable-entered Karnaugh map: (a) Subsumptive general solutions, in which each of the variables is expressed as an interval by deriving successive conjunctive or disjunctive eliminants of the original function, (b) Parametric general solutions, in which each of the variables is expressed via arbitrary parameters which are freely chosen elements of the underlying Boolean algebra and (c) Particular solutions, each of which is an assignment from the underlying Boolean algebra to every pertinent variable that makes the Boolean equation an identity. But the application of these methods to Boolean functions of the form (1) was not considered in [23].
In the article [31] a mathematical formalism is developed, showing the connection of the inverse Boolean function of the form (1) with its corresponding direct Boolean function of the form (1). But the method of obtaining an inverse Boolean function from a direct Boolean function is not specified in [31], and the conditions for the existence of an inverse Boolean function for a given direct Boolean function are not indicated.
But the method developed in this article makes it possible to effectively find the ICT for any four-bit DCT of BFs containing only the operations of inversion and addition modulo two and satisfying the restrictions 1-3, described in section 3 of this article.
In further studies using the method described in this article, it is possible to increase an even number of variables, which will increase the nonlinearity and cryptographic resilience of CTs.

CONCLUSIONS
The urgent problem of obtaining the inversion method of four-bit Boolean SAC cryptotransforms is solved to ensure reliable information protection.
The scientific novelty of obtained results is that the method for obtaining inverse four-bit CTs with the SAC property for balanced BFs containing two logical operations (inversion and addition modulo two) is proposed for the first time.
The practical significance of obtained results is that this method is a method of selecting the already existing basic four-bit BFs from a predetermined set of balanced BBFs for direct and inverse CTs, whereas the existing methods of searching for ICT are methods for calculating each element of the BFs for the ICT.
Prospects for further research are the modifications of this method to the larger even numbers of arguments of the balanced BFs of CTs to increase the cryptographic resilience.