Results on highly nonlinear Boolean functions with provably good immunity to fast algebraic attacks

In the last decade, algebraic and fast algebraic attacks are regarded as the most successful attacks on LFSR-based stream ciphers. Since the notion of algebraic immunity was introduced, the properties and constructions of Boolean functions with maximum algebraic immunity have been researched in a large number of papers. However, there are few results with respect to Boolean functions with provably good immunity against fast algebraic attacks. In previous literatures, only Carlet-Feng function was proven to have good immunity to fast algebraic attacks. In this paper, we first study a large family of highly nonlinear Boolean functions in terms of the immunity to fast algebraic attacks, which includes the functions of Tu-Deng, the functions of Tang et al. and the functions of Jin et al. Based on a sufficient and necessary condition for measuring the immunity of Boolean functions against fast algebraic attacks using bivariate polynomial representation, we propose an efficient method for estimating the immunity of the functions of such family. Then we prove that a family of 2k-variable Boolean functions, including the function recently constructed by Tang et al., are almost perfect algebraic immune for any integer k >= 3. More exactly, they achieve optimal algebraic immunity and almost perfect immunity to fast algebraic attacks. The functions of such family are balanced and have optimal algebraic degree. Besides, we prove a lower bound on their nonlinearity based on the work of Tang et al. which is better than that of Carlet-Feng function. It is also checked for 3 <= k <= 9 that the exact nonlinearity of such functions is very good, which is slightly smaller than that of Carlet-Feng function, and some functions of this family even have a slightly larger nonlinearity than Tang's et al. function. To sum up, among the known functions with provably good immunity against fast algebraic attacks, the functions of this family make a trade-off between the exact value and the lower bound of nonlinearity. (C) 2017 Elsevier Inc. All rights reserved.