On the Evolution of Boomerang Uniformity in Cryptographic S-boxes

TL;DR

This paper investigates the development of S-boxes with optimal boomerang uniformity across various sizes, revealing the complexity of achieving optimality as size increases and providing solutions for smaller sizes.

Contribution

It explores the evolution of S-boxes with good boomerang uniformity using different encodings and sizes, achieving optimal solutions for small sizes and highlighting challenges for larger ones.

Findings

Optimal solutions for 4x4 and 5x5 S-boxes.

Optimal boomerang uniformity for 6x6 non-APN functions.

Problem complexity increases with larger S-box sizes.

Abstract

S-boxes are an important primitive that help cryptographic algorithms to be resilient against various attacks. The resilience against specific attacks can be connected with a certain property of an S-box, and the better the property value, the more secure the algorithm. One example of such a property is called boomerang uniformity, which helps to be resilient against boomerang attacks. How to construct S-boxes with good boomerang uniformity is not always clear. There are algebraic techniques that can result in good boomerang uniformity, but the results are still rare. In this work, we explore the evolution of S-boxes with good values of boomerang uniformity. We consider three different encodings and five S-box sizes. For sizes $4\times 4$ and $5\times 5$, we manage to obtain optimal solutions. For $6\times 6$, we obtain optimal boomerang uniformity for the non-APN function. For larger sizes, the results indicate the problem to be very difficult (even more difficult than evolving differential uniformity, which can be considered a well-researched problem).