学术文献库

The inverse function $x \mapsto x^{-1}$ on $\mathbb{F}_{2^n}$ is one of the most studied functions in cryptography due to its widespread use as an S-box in block ciphers like AES. In this paper, we show that, if $n\geq 5$, every function that is CCZ-equivalent to the inverse function is already EA-equivalent to it. This confirms a conjecture by Budaghyan, Calderini and Villa. We also prove that every permutation that is CCZ-equivalent to the inverse function is already affine equivalent to it. The majority of the paper is devoted to proving that there are no permutation polynomials of the form $L_1(x^{-1})+L_2(x)$ over $\mathbb{F}_{2^n}$ if $n\geq 5$, where $L_1,L_2$ are nonzero linear functions. In the proof, we combine Kloosterman sums, quadratic forms and tools from additive combinatorics.