http://dx.doi.org/10.13089/JKIISC.2022.32.3.465

How to Generate Lightweight S-Boxes by Using AND Gate Accumulation  

Jeon, Yongjin (Kookmin University)
Kim, Jongsung (Kookmin University)
Abstract
Due to the impact of COVID-19, people are paying more attention to convenience and health, and the use of IoT devices that support them is increasing. To embed lightweight security in IoT devices that must handle sensitive information with limited resources, the development of lightweight S-boxes is essential. Until 2021, it was common to develop lightweight 4-bit S-boxes by heuristic methods, and to use an extended structure or repeat the same operation to obtain larger lightweight S-boxes. However, in January 2022, a paper was published [1] that proposed a heuristic algorithm for finding 8-bit S-boxes which, although non-bijective, have better differential uniformity and linearity than S-boxes generated with a MISTY extended structure. The heuristic algorithm proposed in that paper generates an S-box by adding AND operations one by one. Whenever an AND operation is added, it pre-removes S-boxes whose calculated differential uniformity does not reach the desired criterion. In this paper, we improve the performance of this heuristic algorithm. By increasing the amount of pre-removal using not only differential uniformity but also another differential property, and by adding a linearity calculation to the pre-removal step, the algorithm can satisfy not only differential security but also linear security.
Keywords
Lightweight S-box; Differential uniformity; Linearity; Multiplicative complexity;
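An added illustration (not code from the paper): differential uniformity and linearity computed for a 4-bit S-box as nonlinear gates are accumulated one at a time. The gate sequence is the SKINNY 4-bit S-box structure from reference 20, chosen here as an assumption; the function names and the thresholds 4 and 8 are also this example's, and the paper's own pre-removal criteria are not given on this page.

```python
# Added example: S-box metrics while accumulating AND-type gates.
# Gate sequence (assumption of this example): SKINNY 4-bit S-box structure.

def differential_uniformity(sbox):
    """max over a != 0 and b of #{x : S(x) ^ S(x ^ a) == b}."""
    best = 0
    for a in range(1, len(sbox)):
        counts = {}
        for x in range(len(sbox)):
            d = sbox[x] ^ sbox[x ^ a]
            counts[d] = counts.get(d, 0) + 1
        best = max(best, max(counts.values()))
    return best

def parity(v):
    return bin(v).count("1") & 1

def linearity(sbox):
    """max over a and b != 0 of |sum_x (-1)^(a.x ^ b.S(x))|, n-bit to n-bit."""
    size = len(sbox)
    best = 0
    for b in range(1, size):
        for a in range(size):
            w = sum(1 - 2 * parity((a & x) ^ (b & sbox[x])) for x in range(size))
            best = max(best, abs(w))
    return best

def accumulate(k):
    """4-bit S-box after k nonlinear gates. Each gate is x0 ^= NOT(x3 OR x2),
    one AND of complemented inputs; a 1-bit left rotation sits between gates."""
    table = []
    for x in range(16):
        for i in range(k):
            if i:
                x = ((x << 1) | (x >> 3)) & 0xF  # linear layer, costs no AND
            x ^= ~((x >> 3) | (x >> 2)) & 1      # the only nonlinear operation
        table.append(x)
    return table

def meets(sbox, max_du, max_lin):
    """Acceptance test on both the differential and the linear property."""
    return differential_uniformity(sbox) <= max_du and linearity(sbox) <= max_lin

if __name__ == "__main__":
    for k in range(5):
        s = accumulate(k)
        print(k, differential_uniformity(s), linearity(s), meets(s, 4, 8))
```

With fewer than four gates one input bit still reaches the output unchanged, so the linearity stays at its maximum even where the differential property has already improved; a filter on differential uniformity alone does not see this.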
References
[1] G. Kim, H. Kim, Y. Heo, Y. Jeon, and J. Kim, "Generating Cryptographic S-Boxes Using the Reinforcement Learning," IEEE Access, vol. 9, pp. 83092-83104, Jun. 2021.
[2] A. Canteaut, S. Duval, and G. Leurent, "Construction of lightweight S-boxes using Feistel and MISTY structures," SAC'15, LNCS 9566, pp. 373-393, 2015.
[3] G. Leander, T. Moos, A. Moradi, and S. Rasoolzadeh, "The SPEEDY Family of Block Ciphers," Engineering an Ultra Low-Latency Cipher from Gate Level for Secure Processor Architectures, vol. 2021(4), pp. 510-545, Aug. 2021.
[4] B. Bilgin, L. De Meyer, S. Duval, I. Levi, and F. X. Standaert, "Low AND depth and efficient inverses: a guide on s-boxes for low-latency masking," IACR Transactions on Symmetric Cryptology, vol. 2020(1), pp. 144-184, May 2020.
[5] C. Carlet and C. Ding, "Nonlinearities of S-boxes," Finite fields and their applications, vol. 13(1), pp. 121-135, Jan. 2007.
[6] J. Wallen, "Design principles of the kasumi block cipher," In Proceedings of the Helsinki University of Technology Seminar on Network Security, 2000.
[7] V. Grosso, G. Leurent, F. X. Standaert, and K. Varici, "LS-designs: Bitslice encryption for efficient masked software implementations," FSE'14, LNCS 8540, pp. 18-37, Apr. 2015.
[8] K. McKay, L. Bassham, M. Sonmez Turan, and N. Mouha, "Report on lightweight cryptography," NISTIR 8114, Mar. 2017.
[9] M. Turan Sonmez, and R. Peralta, "The multiplicative complexity of Boolean functions on four and five variables," LightSec'14, LNCS 8898, pp. 21-33, Mar. 2015.
[10] Y. Jeon, S. Baek, H. Kim, G. Kim, and J. Kim, "Differential uniformity and linearity of S-boxes by multiplicative complexity," Cryptography and Communications (2022), Jan. 2022.
[11] T. Shimoyama, H. Yanami, K. Yokoyama, M. Takenaka, K. Itoh, J. Yajima, N. Torii, and H. Tanaka, "The block cipher SC2000," FSE'00, LNCS 2355, pp. 312-327, Jun. 02.
[12] M. S. Turan, K. McKay, D. Chang, C. Calik, L. Bassham, J. Kang, and J. Kelsey, "Status Report on the Second Round of the NIST Lightweight Cryptography Standardization Process," NISTIR 8369, Jul. 2021.
[13] P. Zajac, and M. Jokay, "Multiplicative complexity of bijective 4×4 S-boxes," Cryptography and Communications, vol. 6, pp. 255-277, May 2014.
[14] H. Kim, Y. Jeon, G. Kim, J. Kim, B. Sim, D. Han, H. Seo, S. Kim, S. Hong, J. Sung, and D. Hong, "A new method for designing lightweight S-boxes with high differential and linear branch numbers, and its application," IEEE Access, vol. 9, pp. 150592-150607, Oct. 2021.
[15] K. A. Browning, J. F. Dillon, M. T. McQuistan, and A. J. Wolfe, "An APN permutation in dimension six," Finite Fields: theory and applications, vol. 518, pp. 33-42, 2010.
[16] B. Bilgin, A. Bogdanov, M. Knezevic, F. Mendel, and Q. Wang, "Fides: Lightweight authenticated cipher with side-channel resistance for constrained hardware," CHES'13, pp. 142-158, Aug. 2013.
[17] M. Aagaard, R. AlTawy, G. Gong, K. Mandal, R. Rohit, and N. Zidaric, "WAGE: an authenticated cipher," Submission to NIST Lightweight Cryptography Standardization Project, Aug. 2019.
[18] M. Matsui, "New block encryption algorithm MISTY," FSE'97, pp. 54-68, Jan. 1997.
[19] J. Daemen and V. Rijmen, "The Rijndael block cipher: AES proposal," In First candidate conference (AES1), pp. 343-348, Mar. 1999.
[20] C. Beierle, J. Jean, S. Kolbl, G. Leander, A. Moradi, T. Peyrin, Y. Sasaki, P. Sasdrich, and S. M. Sim, "The SKINNY family of block ciphers and its low-latency variant MANTIS," CRYPTO'16, LNCS 9815, pp. 123-153, Jul. 2016.