Analysis on Boolean Function in a Restricted (Biased) Domain

Article Type

Research Article

Publication Title

IEEE Transactions on Information Theory


Boolean functions are usually studied under the assumption that each input bit is considered independent and identically distributed. However, in the case of some stream ciphers, a keystream bit is generated by using a nonlinear Boolean function with inputs from a restricted domain. At Eurocrypt 2016, one such stream cipher (FLIP) has been proposed, where a Boolean function on n variables was exploited with inputs of weight n2 only. Recently, Carlet et al. studied several properties of such functions and obtained certain bounds on linear approximations of direct sum in the restricted domain. In this paper, we observe that for a direct sum like f=f1+f2, the inputs to each sub-function f1, f2 do not follow a uniform distribution in the restricted domain. In this regard, we study the properties of the Boolean functions by considering a general probability distribution on the inputs. We further obtain several bounds related to the biases of direct sums. Finally, we obtain a lower bound on the bias of the nonlinear filter function of FLIP. Our results provide a general framework to study security parameters of ciphers over restricted domain.

First Page


Last Page




Publication Date