On the Ambiguity of Differentially Uniform Functions

Recently, the ambiguity and deficiency of a given bijective mapping F over a finite abelian group G were introduced by Panario et al. [PSS+13, PSSW11] to measure the balancedness of the derivatives DaF (x) = F (x+a)−F (x) for all a ∈ G\{0}. Fundamental properties and cryptographic significance of these measures were further studied in [PSSW11, PSS+13]. In this paper, we extend the study of the ambiguity and deficiency to functions between any two finite abelian groups G1, G2 with possible different orders. Many functions in cryptography are of this type. For example, S-boxes in Data Encryption Standard (DES) are maps from the additive group of the finite field F26 to that of F24 . We investigate the optimum lower bound of ambiguity for theses functions and show that the case of equality of optimum lower bound characterizes the perfect nonlinear functions. In particular, a lower bound on the ambiguity of differentially k-uniform functions is given. We also provide a new characterization of ambiguity by means of the fourth moment of the Fourier transform. The connections between ambiguity, the second-order derivative and autocorrelation functions are also given. In addition, the ambiguity and deficiency of functions over finite fields with even characteristic is studied. Using these new characterizations, we refine our results for differentially k-uniform functions, power functions, and plateaued functions. In particular, we provide new lower bounds on the fourth moment of Fourier transform for a function from F2n to F2m when n is odd and m < n or n is even and n 2 < m < n, which is the best lower bound as far as we know. Moreover, we give a shorter and easier proof to determine the differential spectrum of the Bracken-Leander differentially 4-uniform power function, which was recently solved by determining the exact number of roots of the related polynomials. We focus on several typical differentially 4-uniform permutations and pseudo-planar functions constructed by Hu et al. [HLZ+15] and Qu [Qu16] and give the exact values for the ambiguity and deficiency for these functions. Moreover, we obtain an explicit relation between ambiguity and deficiency for any differentially 4-uniform function.