{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,2]],"date-time":"2026-03-02T09:02:26Z","timestamp":1772442146840,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":42,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540354581","type":"print"},{"value":"9783540354598","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2006]]},"DOI":"10.1007\/11780656_7","type":"book-chapter","created":{"date-parts":[[2006,6,23]],"date-time":"2006-06-23T14:08:16Z","timestamp":1151071696000},"page":"76-86","source":"Crossref","is-referenced-by-count":17,"title":["On Exact Algebraic [Non-]Immunity of S-Boxes Based on Power Functions"],"prefix":"10.1007","author":[{"given":"Nicolas T.","family":"Courtois","sequence":"first","affiliation":[]},{"given":"Blandine","family":"Debraize","sequence":"additional","affiliation":[]},{"given":"Eric","family":"Garrido","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"7_CR1","unstructured":"Armknecht, F.: On the Existence of low-degree Equations for Algebraic Attacks. Also presented at SASC Ecrypt workshop (State of the Art in Stream Ciphers), Bruges, Belgium (October 14-15, 2004) (preprint), Available at : \n                    \n                      eprint.iacr.org\/2004\/185\/"},{"key":"7_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"162","DOI":"10.1007\/978-3-540-45146-4_10","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"F. Armknecht","year":"2003","unstructured":"Armknecht, F., Krause, M.: Algebraic Attacks on Combiners with Memory. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol.\u00a02729, pp. 162\u2013175. Springer, Heidelberg (2003)"},{"key":"7_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"518","DOI":"10.1007\/3-540-46035-7_34","volume-title":"Advances in Cryptology - EUROCRYPT 2002","author":"A. Canteaut","year":"2002","unstructured":"Canteaut, A., Videau, M.: Degree of composition of highly nonlinear functions and applications to higher order differential cryptanalysis. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol.\u00a02332, p. 518. Springer, Heidelberg (2002)"},{"key":"7_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"474","DOI":"10.1007\/978-3-540-24676-3_28","volume-title":"Advances in Cryptology - EUROCRYPT 2004","author":"W. Meier","year":"2004","unstructured":"Meier, W., Pasalic, E., Carlet, C.: Algebraic Attacks and Decomposition of Boolean Functions. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol.\u00a03027, pp. 474\u2013491. Springer, Heidelberg (2004)"},{"key":"7_CR5","unstructured":"Carlet, C.: Improving the algebraic immunity of resilient and nonlinear functions and constructing bent functions (preprint ), Available at : \n                    \n                      http:\/\/eprint.iacr.org\/2004\/276.pdf"},{"key":"7_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"92","DOI":"10.1007\/978-3-540-30556-9_9","volume-title":"Progress in Cryptology - INDOCRYPT 2004","author":"D.K. Dalai","year":"2004","unstructured":"Dalai, D.K., Gupta, K.C., Maitra, S.: Results on algebraic immunity for cryptographically significant Boolean functions. In: Canteaut, A., Viswanathan, K. (eds.) INDOCRYPT 2004. LNCS, vol.\u00a03348, pp. 92\u2013106. Springer, Heidelberg (2004)"},{"key":"7_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"98","DOI":"10.1007\/11502760_7","volume-title":"Fast Software Encryption","author":"D.K. Dalai","year":"2005","unstructured":"Dalai, D.K., Gupta, K.C., Maitra, S.: Cryptographically Significant Boolean Functions: Construction and Analysis in Terms of Algebraic Immunity. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol.\u00a03557, pp. 98\u2013111. Springer, Heidelberg (2005)"},{"key":"7_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"401","DOI":"10.1007\/978-3-540-30191-2_31","volume-title":"Information and Communications Security","author":"B.-Y. Yang","year":"2004","unstructured":"Yang, B.-Y., Chen, J.-M., Courtois, N.T.: On Asymptotic Security Estimates in XL and Gr\u00f6bner Bases-Related Algebraic Cryptanalysis. In: L\u00f3pez, J., Qing, S., Okamoto, E. (eds.) ICICS 2004. LNCS, vol.\u00a03269, pp. 401\u2013413. Springer, Heidelberg (2004)"},{"key":"7_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"83","DOI":"10.1007\/978-3-540-25937-4_6","volume-title":"Fast Software Encryption","author":"J.H. Cheon","year":"2004","unstructured":"Cheon, J.H., Lee, D.-H.: Resistance of S-Boxes against Algebraic Attacks. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol.\u00a03017, pp. 83\u201394. Springer, Heidelberg (2004) Can be found at : \n                    \n                      http:\/\/www.math.snu.ac.kr\/~jhcheon\/Published\/2004_FSE\/FSE04_CL.pdf"},{"key":"7_CR10","doi-asserted-by":"publisher","first-page":"251","DOI":"10.1016\/S0747-7171(08)80013-2","volume":"9","author":"D. Coppersmith","year":"1990","unstructured":"Coppersmith, D., Winograd, S.: Matrix multiplication via arithmetic progressions. J. Symbolic Computation\u00a09, 251\u2013280 (1990)","journal-title":"J. Symbolic Computation"},{"key":"7_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"86","DOI":"10.1007\/3-540-46766-1_6","volume-title":"Advances in Cryptology - CRYPTO \u201991","author":"P. Camion","year":"1992","unstructured":"Camion, P., Carlet, C., Charpin, P., Sendrier, N.: On Correlation-immune Functions. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol.\u00a0576, pp. 86\u2013100. Springer, Heidelberg (1992)"},{"key":"7_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"23","DOI":"10.1007\/978-3-540-28628-8_2","volume-title":"Advances in Cryptology \u2013 CRYPTO 2004","author":"N. Courtois","year":"2004","unstructured":"Courtois, N.: Feistel Schemes and Bi-Linear Cryptanalysis. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol.\u00a03152, pp. 23\u201340. Springer, Heidelberg (2004)"},{"key":"7_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"182","DOI":"10.1007\/3-540-36552-4_13","volume-title":"Information Security and Cryptology - ICISC 2002","author":"N.T. Courtois","year":"2003","unstructured":"Courtois, N.T.: Higher Order Correlation Attacks, XL Algorithm and Cryptanalysis of Toyocrypt. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002. LNCS, vol.\u00a02587, pp. 182\u2013199. Springer, Heidelberg (2003)"},{"key":"7_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-39200-9_21","volume-title":"Advances in Cryptology \u2013 EUROCRPYT 2003","author":"N. Courtois","year":"2003","unstructured":"Courtois, N., Meier, W.: Algebraic Attacks on Stream Ciphers with Linear Feedback. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol.\u00a02656. Springer, Heidelberg (2003)"},{"key":"7_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"176","DOI":"10.1007\/978-3-540-45146-4_11","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"N.T. Courtois","year":"2003","unstructured":"Courtois, N.T.: Fast Algebraic Attacks on Stream Ciphers with Linear Feedback. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol.\u00a02729, pp. 176\u2013194. Springer, Heidelberg (2003)"},{"key":"7_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/11496618_3","volume-title":"Information Security and Cryptology \u2013 ICISC 2004","author":"N.T. Courtois","year":"2005","unstructured":"Courtois, N.T.: Algebraic Attacks on Combiners with Memory and Several Outputs. In: Park, C.-s., Chee, S. (eds.) ICISC 2004. LNCS, vol.\u00a03506, pp. 3\u201320. Springer, Heidelberg (2005), Extended version available on: \n                    \n                      http:\/\/eprint.iacr.org\/2003\/125\/"},{"key":"7_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"266","DOI":"10.1007\/3-540-45353-9_20","volume-title":"Topics in Cryptology - CT-RSA 2001","author":"N. Courtois","year":"2001","unstructured":"Courtois, N.: The security of Hidden Field Equations (HFE). In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol.\u00a02020, pp. 266\u2013281. Springer, Heidelberg (2001)"},{"key":"7_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1007\/3-540-36178-2_17","volume-title":"Advances in Cryptology - ASIACRYPT 2002","author":"N.T. Courtois","year":"2002","unstructured":"Courtois, N.T., Pieprzyk, J.: Cryptanalysis of Block Ciphers with Overdefined Systems of Equations. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol.\u00a02501, pp. 267\u2013287. Springer, Heidelberg (2002) (preprint with a different version of the attack) Available at: \n                    \n                      http:\/\/eprint.iacr.org\/2002\/044\/"},{"key":"7_CR19","unstructured":"Courtois, N., Castagnos, G., Goubin, L.: What do DES S-boxes Say to Each Other? Available on: \n                    \n                      http:\/\/eprint.iacr.org\/2003\/184\/"},{"key":"7_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"170","DOI":"10.1007\/11506447_15","volume-title":"Advanced Encryption Standard \u2013 AES","author":"N.T. Courtois","year":"2005","unstructured":"Courtois, N.T.: The Inverse S-Box, Non-linear Polynomial Relations and Cryptanalysis of Block Ciphers. In: Dobbertin, H., Rijmen, V., Sowa, A. (eds.) AES 2005. LNCS, vol.\u00a03373, pp. 170\u2013188. Springer, Heidelberg (2005)"},{"key":"7_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"67","DOI":"10.1007\/11506447_7","volume-title":"Advanced Encryption Standard \u2013 AES","author":"N.T. Courtois","year":"2005","unstructured":"Courtois, N.T.: General Principles of Algebraic Attacks and New Design Criteria for Cipher Components. In: Dobbertin, H., Rijmen, V., Sowa, A. (eds.) AES 2005. LNCS, vol.\u00a03373, pp. 67\u201383. Springer, Heidelberg (2005)"},{"key":"7_CR22","unstructured":"Daemen, J., Rijmen, V.: AES proposal: Rijndael, The latest revised version of the proposal is available on the Internet, \n                    \n                      http:\/\/csrc.nist.gov\/encryption\/aes\/rijndael\/Rijndael.pdf"},{"issue":"2","key":"7_CR23","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1007\/s002000050099","volume":"9","author":"H. Dobbertin","year":"1998","unstructured":"Dobbertin, H.: One-to-One Highly Nonlinear Power Functions on GF(2\n                    n\n                  ). Appl. Algebra Eng. Commun. Comput.\u00a09(2), 139\u2013152 (1998)","journal-title":"Appl. Algebra Eng. Commun. Comput."},{"issue":"4","key":"7_CR24","doi-asserted-by":"publisher","first-page":"1271","DOI":"10.1109\/18.761283","volume":"45","author":"H. Dobbertin","year":"1999","unstructured":"Dobbertin, H.: Almost perfect nonlinear power functions on GF(2\n                    n\n                  ): the Welch case. IEEE Transactions on Information Theory\u00a045(4), 1271\u20131275 (1999)","journal-title":"IEEE Transactions on Information Theory"},{"key":"7_CR25","doi-asserted-by":"publisher","first-page":"57","DOI":"10.1006\/inco.1998.2764","volume":"151","author":"H. Dobbertin","year":"1998","unstructured":"Dobbertin, H.: Almost perfect nonlinear power functions on GF(2\n                    n\n                  ): the Niho case. Information and Computation\u00a0151, 57\u201372 (1998)","journal-title":"Information and Computation"},{"key":"7_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"173","DOI":"10.1007\/3-540-60865-6_52","volume-title":"Fast Software Encryption","author":"J.D.. Golic","year":"1996","unstructured":"Golic, J.Dj.: On the Security of Nonlinear Filter Generators. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol.\u00a01039, pp. 173\u2013188. Springer, Heidelberg (1996)"},{"key":"7_CR27","doi-asserted-by":"publisher","first-page":"154","DOI":"10.1109\/TIT.1968.1054106","volume":"14","author":"R. Gold","year":"1968","unstructured":"Gold, R.: Maximal recursive sequences with 3-valued recursive crosscorrelation functions. IEEE Transactions on Information Theory\u00a014, 154\u2013156 (1968)","journal-title":"IEEE Transactions on Information Theory"},{"key":"7_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"212","DOI":"10.1007\/BFb0055730","volume-title":"Advances in Cryptology - CRYPTO \u201998","author":"T. Jakobsen","year":"1998","unstructured":"Jakobsen, T.: Cryptanalysis of Block Ciphers with Probabilistic Non-linear Relations of Low Degree. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol.\u00a01462, pp. 212\u2013222. Springer, Heidelberg (1998)"},{"key":"7_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"28","DOI":"10.1007\/BFb0052332","volume-title":"Fast Software Encryption","author":"T. Jakobsen","year":"1997","unstructured":"Jakobsen, T., Knudsen, L.R.: The Interpolation Attack on Block Ciphers. In: Biham, E. (ed.) FSE 1997. LNCS, vol.\u00a01267, pp. 28\u201340. Springer, Heidelberg (1997)"},{"key":"7_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"44","DOI":"10.1007\/978-3-540-45146-4_3","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"J.-C. Faug\u00e8re","year":"2003","unstructured":"Faug\u00e8re, J.-C., Joux, A.: Algebraic Cryptanalysis of Hidden Field Equation (HFE) Cryptosystems Using Gr\u00f6bner Bases. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol.\u00a02729, pp. 44\u201360. Springer, Heidelberg (2003)"},{"key":"7_CR31","doi-asserted-by":"publisher","first-page":"369","DOI":"10.1016\/S0019-9958(71)90473-6","volume":"18","author":"T. Kasami","year":"1971","unstructured":"Kasami, T.: The weight enumerators for several classes of subcodes of the second order binary Reed-Muller codes. Information and Control\u00a018, 369\u2013394 (1971)","journal-title":"Information and Control"},{"key":"7_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"474","DOI":"10.1007\/978-3-540-24676-3_28","volume-title":"Advances in Cryptology - EUROCRYPT 2004","author":"W. Meier","year":"2004","unstructured":"Meier, W., Pasalic, E., Carlet, C.: Algebraic Attacks and Decomposition of Boolean Functions. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol.\u00a03027, pp. 474\u2013491. Springer, Heidelberg (2004)"},{"key":"7_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-45708-9_1","volume-title":"Advances in Cryptology - CRYPTO 2002","author":"S. Murphy","year":"2002","unstructured":"Murphy, S., Robshaw, M.J.B.: Essential Algebraic Structure within the AES. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol.\u00a02442, p. 1. Springer, Heidelberg (2002)"},{"key":"7_CR34","unstructured":"Murphy, S., Robshaw, M.: An analysis of the XSL attack and it\u2019s impact on the security of AES, Nessie report, \n                    \n                      https:\/\/www.cosic.esat.kuleuven.ac.be\/nessie\/reports\/phase2\/Xslbes8_Ness.pdf"},{"key":"7_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"566","DOI":"10.1007\/3-540-48071-4_41","volume-title":"Artificial Perception and Music Recognition","author":"K. Nyberg","year":"1993","unstructured":"Nyberg, K., Knudsen, L.R.: Provable security against differential cryptanalysis. In: Tanguiane, A.S. (ed.) Artificial Perception and Music Recognition. LNCS, vol.\u00a0746, pp. 566\u2013574. Springer, Heidelberg (1993)"},{"key":"7_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"248","DOI":"10.1007\/3-540-44750-4_20","volume-title":"Advances in Cryptology - CRYPTO \u201995","author":"J. Patarin","year":"1995","unstructured":"Patarin, J.: Cryptanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt 1988. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol.\u00a0963, pp. 248\u2013261. Springer, Heidelberg (1995)"},{"key":"7_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"33","DOI":"10.1007\/3-540-68339-9_4","volume-title":"Advances in Cryptology - EUROCRYPT \u201996","author":"J. Patarin","year":"1996","unstructured":"Patarin, J.: Hidden Fields Equations (HFE) and Isomorphisms of Polynomials (IP): two new families of Asymmetric Algorithms. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol.\u00a01070, pp. 33\u201348. Springer, Heidelberg (1996), The extended version can be found at \n                    \n                      http:\/\/www.minrank.org\/hfe.ps"},{"key":"7_CR38","unstructured":"Pieprzyk, J.: On bent premutations, Technical Report CS 91\/11; The University of New South Wales, Australia"},{"key":"7_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"392","DOI":"10.1007\/3-540-45539-6_27","volume-title":"Advances in Cryptology - EUROCRYPT 2000","author":"N.T. Courtois","year":"2000","unstructured":"Courtois, N.T., Klimov, A.B., Patarin, J., Shamir, A.: Efficient Algorithms for Solving Overdefined Systems of Multivariate Polynomial Equations. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol.\u00a01807, pp. 392\u2013407. Springer, Heidelberg (2000)"},{"key":"7_CR40","first-page":"704","volume":"28","author":"C.E. Shannon","year":"1949","unstructured":"Shannon, C.E.: Communication theory of secrecy systems. Bell System Technical Journal\u00a028, 704 (1949)","journal-title":"Bell System Technical Journal"},{"key":"7_CR41","doi-asserted-by":"publisher","first-page":"354","DOI":"10.1007\/BF02165411","volume":"13","author":"V. Strassen","year":"1969","unstructured":"Strassen, V.: Gaussian Elimination is Not Optimal. Numerische Mathematik\u00a013, 354\u2013356 (1969)","journal-title":"Numerische Mathematik"},{"key":"7_CR42","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"406","DOI":"10.1007\/3-540-44987-6_25","volume-title":"Advances in Cryptology - EUROCRYPT 2001","author":"A.M. Youssef","year":"2001","unstructured":"Youssef, A.M., Gong, G.: Hyper-bent functions. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol.\u00a02045, pp. 406\u2013419. Springer, Heidelberg (2001)"}],"container-title":["Lecture Notes in Computer Science","Information Security and Privacy"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/11780656_7.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,27]],"date-time":"2021-04-27T07:17:04Z","timestamp":1619507824000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/11780656_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2006]]},"ISBN":["9783540354581","9783540354598"],"references-count":42,"URL":"https:\/\/doi.org\/10.1007\/11780656_7","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2006]]}}}