ABSTRACT

In the following text, considering the cryptographic applications of PNs, we shall call them controlled permutation boxes (CPBs). The term CPB underlines its use in performing CPs on binary vectors. Let $P_{n/m}$ denote a CPB with an $n$-bit input and an $m$-bit control input. CPBs are usually constructed using elementary switching elements $P_{2/1}$ as building blocks. Each $P_{2/1}$ box is controlled with one bit, $v$, and passes ($v = 0$) or transposes ($v = 1$) two input bits $x_1$ and $x_2$. In other words, the elementary switching element forms at its output the two-bit value $(y_1, y_2)$, where $y_1 = x_{1+v}$ and $y_2 = x_{2-v}$. A $P_{n/m}$ box has a layered topology and can be represented (see Figure 2.1) as a superposition,

where $L$ is an active layer composed of $n/2$ switching elements; $V_1, V_2, \ldots, V_s$ are controlling vectors of the active layers from 1 to $s$; $\pi_1, \pi_2, \ldots, \pi_{s-1}$ are fixed permutations; and $V = (V_1, \ldots, V_s)$ is the controlling vector of the $P_{n/m}$ box. Controlled permutations performed with the $P_{n/m}$ box can be characterized using an ordered set of modifications $\{\Pi_0, \Pi_1, \Pi_2, \ldots, \Pi_{2^m-1}\}$, where each modification $\Pi_i$, $i = 0, 1, \ldots, 2^m - 1$, is a fixed permutation of some set of $n$ bits. Permutations $\Pi_i$ (or $P_i$) will be called CP modifications. The execution of the CP operation $P^{(V)}_{n/m}(X)$ consists in performing the permutation $\Pi_V$ on $X$: $Y = P^{(V)}_{n/m}(X) = \Pi_V(X)$. The following two definitions [38] introduce some notions useful in block cipher design:

Definition 2.1. Suppose a CPB $P_{n/m}$ is given. A CPB $P^{-1}_{n/m}$ is called the inverse of the $P_{n/m}$ box if, for all $V$, the corresponding CP modifications $P_V$ and $P^{-1}_V$ are mutual inverses.
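
The layered construction and Definition 2.1 can be checked by brute force on a small box. The Python sketch below is an added example, not code from the source text: it builds a box from $P_{2/1}$ elements, enumerates all $2^m$ CP modifications, and tests one way of forming an inverse (layers in reverse order, fixed permutations inverted). The order in which layers are applied, the pairing of adjacent bits, the fixed permutation PI_1 and all function names are assumptions.

```python
from itertools import product

def p21(x1, x2, v):
    # Elementary P_{2/1}: y1 = x_{1+v}, y2 = x_{2-v} (v=0 passes, v=1 transposes).
    x = (x1, x2)
    return x[v], x[1 - v]

def active_layer(x, v):
    # Active layer L: n/2 P_{2/1} elements on adjacent pairs, one control bit each.
    out = []
    for j, vj in enumerate(v):
        out.extend(p21(x[2 * j], x[2 * j + 1], vj))
    return out

def permute(x, pi):
    # Fixed permutation: output position i takes input position pi[i].
    return [x[p] for p in pi]

def invert(pi):
    inv = [0] * len(pi)
    for i, p in enumerate(pi):
        inv[p] = i
    return inv

def cpb(x, V, pis):
    # P_{n/m}: L^{V_1}, pi_1, L^{V_2}, ..., pi_{s-1}, L^{V_s} (application order assumed).
    y = active_layer(x, V[0])
    for pi, v in zip(pis, V[1:]):
        y = active_layer(permute(y, pi), v)
    return y

def cpb_inverse(y, V, pis):
    # Candidate inverse box: same V, layers in reverse order, inverse fixed permutations.
    x = active_layer(y, V[-1])
    for pi, v in zip(reversed(pis), reversed(V[:-1])):
        x = active_layer(permute(x, invert(pi)), v)
    return x

def modifications(n, pis, box=cpb):
    # Enumerate all 2^m control vectors V and record each CP modification Pi_V.
    s, half = len(pis) + 1, n // 2
    mods = {}
    for bits in product((0, 1), repeat=s * half):
        V = [bits[k * half:(k + 1) * half] for k in range(s)]
        mods[bits] = tuple(box(list(range(n)), V, pis))
    return mods

def is_inverse_pair(n, pis):
    # Definition 2.1: for every V, P_V and P^{-1}_V are mutual inverses.
    fwd, inv = modifications(n, pis), modifications(n, pis, cpb_inverse)
    return all(permute(fwd[V], inv[V]) == list(range(n)) and
               permute(inv[V], fwd[V]) == list(range(n)) for V in fwd)

PI_1 = [0, 2, 1, 3]  # constructed fixed permutation for a 4-bit, 2-layer box
```

For this constructed 4-bit, two-layer box ($m = 4$), `modifications(4, [PI_1])` yields 16 CP modifications, all distinct, and `is_inverse_pair(4, [PI_1])` confirms the inverse property for every $V$.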