{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,14]],"date-time":"2025-11-14T07:39:57Z","timestamp":1763105997806,"version":"3.37.3"},"reference-count":23,"publisher":"Springer Science and Business Media LLC","issue":"5","license":[{"start":{"date-parts":[[2024,4,26]],"date-time":"2024-04-26T00:00:00Z","timestamp":1714089600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2024,4,26]],"date-time":"2024-04-26T00:00:00Z","timestamp":1714089600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100000781","name":"European Research Council","doi-asserted-by":"publisher","award":["788980"],"award-info":[{"award-number":["788980"]}],"id":[{"id":"10.13039\/501100000781","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100000780","name":"European Commission","doi-asserted-by":"publisher","award":["805031"],"award-info":[{"award-number":["805031"]}],"id":[{"id":"10.13039\/501100000780","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cryptogr. Commun."],"published-print":{"date-parts":[[2024,9]]},"abstract":"Abstract<\/jats:title>Many modern cryptographic primitives for hashing and (authenticated) encryption make use of constructions that are instantiated with an iterated cryptographic permutation that operates on a fixed-width state consisting of an array of bits. Often, such permutations are the repeated application of a relatively simple round function consisting of a linear layer and a non-linear layer. These constructions do not require that the underlying function is a permutation and they can plausibly be based on a non-invertible transformation. Recently, Grassi proposed the use of non-invertible mappings operating on arrays of digits that are elements of a finite field of odd characteristic for so-called MPC-\/FHE-\/ZK-friendly symmetric cryptographic primitives. In this work, we consider a mapping that we call $$\\gamma $$<\/jats:tex-math>\n \u03b3<\/mml:mi>\n <\/mml:math><\/jats:alternatives><\/jats:inline-formula> that has a simple expression and is based on squaring. We discuss, for the first time, the differential and linear propagation properties of $$\\gamma $$<\/jats:tex-math>\n \u03b3<\/mml:mi>\n <\/mml:math><\/jats:alternatives><\/jats:inline-formula> and observe that these follow the same rules up to a relabeling of the digits. This is an intriguing property that, as far as we know, only exists for $$\\gamma $$<\/jats:tex-math>\n \u03b3<\/mml:mi>\n <\/mml:math><\/jats:alternatives><\/jats:inline-formula> and the binary mapping $$\\chi _{3}$$<\/jats:tex-math>\n \n \u03c7<\/mml:mi>\n 3<\/mml:mn>\n <\/mml:msub>\n <\/mml:math><\/jats:alternatives><\/jats:inline-formula> that is used in the cryptographic permutation Xoodoo<\/jats:sc>. Moreover, we study the implications of its non-invertibility on differentials with zero output difference and on biases at the output of the $$\\gamma $$<\/jats:tex-math>\n \u03b3<\/mml:mi>\n <\/mml:math><\/jats:alternatives><\/jats:inline-formula> mapping and show that they are as small as they can possibly be.<\/jats:p>","DOI":"10.1007\/s12095-024-00711-4","type":"journal-article","created":{"date-parts":[[2024,4,26]],"date-time":"2024-04-26T04:01:50Z","timestamp":1714104110000},"page":"997-1011","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Propagation properties of a non-linear mapping based on squaring in odd characteristic"],"prefix":"10.1007","volume":"16","author":[{"given":"Joan","family":"Daemen","sequence":"first","affiliation":[]},{"given":"Dani\u00ebl","family":"Kuijsters","sequence":"additional","affiliation":[]},{"given":"Silvia","family":"Mella","sequence":"additional","affiliation":[]},{"given":"Denise","family":"Verbakel","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,4,26]]},"reference":[{"unstructured":"Bertoni, G., Daemen, J., Peeters, M., Assche, G.V.: Duplexing the sponge: singlepass authenticated encryption and other applications. Cryptology ePrint archive, paper 2011\/499. (2011) https:\/\/eprint.iacr.org\/2011\/499","key":"711_CR1"},{"issue":"4","key":"711_CR2","doi-asserted-by":"publisher","first-page":"1","DOI":"10.46586\/tosc.v2017.i4.1-38","volume":"2017","author":"G Bertoni","year":"2017","unstructured":"Bertoni, G., Daemen, J., Hoffert, S., Peeters, M., Assche, G.V., Keer, R.V.: Farfalle: parallel permutation-based cryptography. IACR Trans. Symmetric Cryptol. 2017(4), 1\u201338 (2017)","journal-title":"IACR Trans. Symmetric Cryptol."},{"issue":"3","key":"711_CR3","doi-asserted-by":"publisher","first-page":"151","DOI":"10.1007\/S001459900025","volume":"10","author":"S Even","year":"1997","unstructured":"Even, S., Mansour, Y.: A construction of a cipher from a single pseudorandom permutation. J. Cryptol. 10(3), 151\u2013162 (1997). https:\/\/doi.org\/10.1007\/S001459900025","journal-title":"J. Cryptol."},{"issue":"1","key":"711_CR4","doi-asserted-by":"publisher","first-page":"91","DOI":"10.1007\/s10623-019-00673-2","volume":"88","author":"S K\u00f6lbl","year":"2019","unstructured":"K\u00f6lbl, S., Tischhauser, E., Derbez, P., Bogdanov, A.: Troika: a ternary cryptographic hash function. Des. Codes Crypt. 88(1), 91\u2013117 (2019). https:\/\/doi.org\/10.1007\/s10623-019-00673-2","journal-title":"Des. Codes Crypt."},{"doi-asserted-by":"crossref","unstructured":"Albrecht, M.R., Grassi, L., Rechberger, C., Roy, A., Tiessen, T.: MiMC: efficient encryption and cryptographic hashing with minimal multiplicative complexity. Advances in cryptology - ASIACRYPT (2016)","key":"711_CR5","DOI":"10.1007\/978-3-662-53887-6_7"},{"doi-asserted-by":"crossref","unstructured":"Albrecht, M.R., Grassi, L., Perrin, L., Ramacher, S., Rechberger, C., Rotaru, D., Roy, A., Schofnegger, M.: Feistel structures for MPC, and more. Computer security - ESORICS (2019)","key":"711_CR6","DOI":"10.1007\/978-3-030-29962-0_8"},{"unstructured":"Grassi, L., Khovratovich, D., Rechberger, C., Roy, A., Schofnegger, M.: Poseidon: a new hash function for zero-knowledge proof systems. 30th USENIX security symposium (2021)","key":"711_CR7"},{"doi-asserted-by":"crossref","unstructured":"Dobraunig, C., Grassi, L., Guinet, A., Kuijsters, D.: Ciminion: symmetric encryption based on toffoli-gates over large finite fields. Advances in cryptology - EUROCRYPT (2021)","key":"711_CR8","DOI":"10.1007\/978-3-030-77886-6_1"},{"doi-asserted-by":"publisher","unstructured":"Grassi, L.: Bounded surjective quadratic functions over fnp for mpc-\/zk-\/fhefriendly symmetric primitives. IACR Trans. Symmetric Cryptol. 2023(2), 94\u2013131 (2023) https:\/\/doi.org\/10.46586\/TOSC.V2023.I2.94-131","key":"711_CR9","DOI":"10.46586\/TOSC.V2023.I2.94-131"},{"doi-asserted-by":"publisher","unstructured":"Daemen, J., Assche, G.V.: Differential propagation analysis of keccak. In: Canteaut, A. (ed.) Fast Software Encryption - 19th International Workshop, FSE 2012, Washington, DC, USA, March 19-21, 2012. Revised Selected Papers. Lecture Notes in Computer Science, vol. 7549, pp. 422\u2013441. Springer, Berlin, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-34047-5_24","key":"711_CR10","DOI":"10.1007\/978-3-642-34047-5_24"},{"doi-asserted-by":"publisher","unstructured":"Biham, E., Shamir, A.: Differential cryptanalysis of des-like cryptosystems. In: Menezes, A., Vanstone, S.A. (eds.) Advances in Cryptology - CRYPTO \u201990, 10th Annual International Cryptology Conference, Santa Barbara, California, USA, august 11-15, 1990, Proceedings. Lecture Notes in Computer Science, vol. 537, pp. 2\u201321. Springer, Berlin, Heidelberg (1990). https:\/\/doi.org\/10.1007\/3-540-38424-3_1","key":"711_CR11","DOI":"10.1007\/3-540-38424-3_1"},{"doi-asserted-by":"publisher","unstructured":"Daemen, J., Govaerts, R., Vandewalle, J.: Correlation matrices. In: Preneel, B. (ed.) Fast Software Encryption: Second International Workshop. Leuven, Belgium, 14-16 December 1994, Proceedings. Lecture Notes in Computer Science, vol. 1008, pp. 275\u2013285. Springer, Berlin, Heidelberg (1994) https:\/\/doi.org\/10.1007\/3-540-60590-8_21","key":"711_CR12","DOI":"10.1007\/3-540-60590-8_21"},{"doi-asserted-by":"publisher","unstructured":"Baign\u00e8res, T., Stern, J., Vaudenay, S.: Linear cryptanalysis of non binary ciphers. In: Adams, C., Miri, A., Wiener, M. (eds.) Selected Areas in Cryptography, pp. 184\u2013211. Springer, Heidelberg, Germany (2007). https:\/\/doi.org\/10.1007\/978-3-540-77360-3_13","key":"711_CR13","DOI":"10.1007\/978-3-540-77360-3_13"},{"doi-asserted-by":"publisher","unstructured":"Daemen, J., Rijmen, V.: Correlation Analysis in GF(2n). In: the design of rijndael: the advanced encryption standard (AES), pp. 181\u2013194. Springer, Heidelberg, Germany (2020). https:\/\/doi.org\/10.1007\/978-3-662-60769-5_12","key":"711_CR14","DOI":"10.1007\/978-3-662-60769-5_12"},{"doi-asserted-by":"crossref","unstructured":"Hou, X.-d.: Lectures on Finite Fields. American Mathematical Society, Providence, Rhode Island. Series: Graduate Studies in Mathematics, vol. 190 (2018)","key":"711_CR15","DOI":"10.1090\/gsm\/190"},{"issue":"3","key":"711_CR16","doi-asserted-by":"publisher","first-page":"429","DOI":"10.1017\/S000497270003121X","volume":"56","author":"RS Coulter","year":"1997","unstructured":"Coulter, R.S., Matthews, R.W.: Bent polynomials over finite fields. Bull. Aust. Math. Soc. 56(3), 429\u2013437 (1997). https:\/\/doi.org\/10.1017\/S000497270003121X","journal-title":"Bull. Aust. Math. Soc."},{"doi-asserted-by":"publisher","unstructured":"Carlet, C. (ed.): Boolean Functions for Cryptography and Coding Theory. Cambridge University Press, UK (2020). https:\/\/doi.org\/10.1017\/9781108606806","key":"711_CR17","DOI":"10.1017\/9781108606806"},{"doi-asserted-by":"crossref","unstructured":"Lidl, R., Niederreiter, H.: Finite Fields vol. 20, 2nd edn. Cambridge University Press, Cambridge, United Kingdom (1997)","key":"711_CR18","DOI":"10.1017\/CBO9780511525926"},{"unstructured":"Standards, N.I., Technology: NIST SP 800-38D Recommendation for Block Cipher Modes of Operation: Galois\/Counter Mode (GCM) and GMAC (November 2007). https:\/\/csrc.nist.gov\/pubs\/sp\/800\/38\/d\/final","key":"711_CR19"},{"unstructured":"Standards, N.I., Technology: NIST SP 800-38A Recommendation for Block Cipher Modes of Operation: Methods and Techniques (November 2007). https:\/\/csrc.nist.gov\/pubs\/sp\/800\/38\/a\/final","key":"711_CR20"},{"doi-asserted-by":"publisher","unstructured":"Bertoni, G., Daemen, J., Peeters, M., Assche, G.V.: On the indifferentiability of the sponge construction. In: Smart, N.P. (ed.) Advances in Cryptology - EUROCRYPT 2008, 27th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Istanbul, Turkey, April 13- 17, 2008. Proceedings. Lecture Notes in Computer Science, vol. 4965, pp. 181\u2013197. Springer, Berlin, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-78967-3_11","key":"711_CR21","DOI":"10.1007\/978-3-540-78967-3_11"},{"doi-asserted-by":"publisher","unstructured":"Berger, T.P., D\u2019Hayer, J., Marquet, K., Minier, M., Thomas, G.: The GLUON family: a lightweight hash function family based on fcsrs. In: Mitrokotsa, A., Vaudenay, S. (eds.) Progress in Cryptology - AFRICACRYPT 2012 - 5th International Conference on Cryptology in Africa, Ifrance, Morocco, July 10- 12, 2012. Proceedings. Lecture Notes in Computer Science, vol. 7374, pp. 306\u2013323. Springer, Berlin, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-31410-0_19","key":"711_CR22","DOI":"10.1007\/978-3-642-31410-0_19"},{"doi-asserted-by":"publisher","unstructured":"Beyne, T., Chen, Y.L., Dobraunig, C., Mennink, B.: Dumbo, jumbo, and delirium: parallel authenticated encryption for the lightweight circus. IACR Trans. Symmetric Cryptol. 2020(S1), 5\u201330 (2020) https:\/\/doi.org\/10.13154\/TOSC.V2020.IS1.5-30","key":"711_CR23","DOI":"10.13154\/TOSC.V2020.IS1.5-30"}],"container-title":["Cryptography and Communications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s12095-024-00711-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s12095-024-00711-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s12095-024-00711-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,1,7]],"date-time":"2025-01-07T05:12:57Z","timestamp":1736226777000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s12095-024-00711-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,4,26]]},"references-count":23,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2024,9]]}},"alternative-id":["711"],"URL":"https:\/\/doi.org\/10.1007\/s12095-024-00711-4","relation":{},"ISSN":["1936-2447","1936-2455"],"issn-type":[{"type":"print","value":"1936-2447"},{"type":"electronic","value":"1936-2455"}],"subject":[],"published":{"date-parts":[[2024,4,26]]},"assertion":[{"value":"28 November 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"18 March 2024","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"26 April 2024","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}