Recursive lower bounds on the nonlinearity profile of Boolean functions and their applications

The nonlinearity profile of a Boolean function (i.e., the sequence of its minimum Hamming distances nl(r)(f) to all functions of degrees at most r, for r >= 1) is a cryptographic criterion whose role against attacks on stream and block ciphers has been illustrated by many papers. It plays also a role in coding theory, since it is related to the covering radii of Reed-Muller codes. We introduce a method for lower-bounding its values and we deduce bounds on the second-order nonlinearity for several classes of cryptographic Boolean functions, including the Welch and the multiplicative inverse functions (used in the S-boxes of the Advanced Encryption Standard (AES)). In the case of this last infinite class of functions, we are able to bound the whole profile, and we do it in an efficient way when the number of variables is not too small. This allows showing the good behavior of this function with respect to this criterion as well.