On algorithmic implementation of 16-bit s-bo-xes with arx and butterfly structures | Applied Discrete Mathematics. Supplement. 2019. № 12. DOI: 10.17223/2226308X/12/32

On algorithmic implementation of 16-bit s-bo-xes with arx and butterfly structures

Implementations of nonlinear mappings of vector space V_n (s-boxes n x n) as lookup-tables are memory intensive. It requires n2ⁿ bits to store n-bit s-box. That is why the existing block ciphers use s-boxes of relatively small size (8x8 bit - AES, Kuznyechik, 6x4 bit - DES). New constructions of 16-bit algorithmically implementable s-boxes with improved performance and cryptographic properties (in comparison with the existing methods) are proposed. The first method is based on ARX (Add-Rotate-XOR) structure, using low-cost computations in software and hardware. The second method is based on butterfly structure, using 8-bit precomputed s-boxes to build 16 x 16 ones. Maximum expected differential probability, maximum expected linear probability and minimum nonlinear order over all linear combinations of the components of proposed s-boxes with ARX structure are 18/2¹⁶, 764/2¹⁵ and 15, respectively and of suggested s-boxes with Butterfly structure are 10/2¹⁶, 512/2¹⁵ and 15, respectively. It is established that the use of the proposed 16-bit s-boxes in the round substitutions of AES and Kuznyechik block ciphers significantly lowers the upper bounds of differential and linear probabilities for two and four rounds of these algorithms.

Download file

Counter downloads: 188

Keywords

s-бокс 16x16, алгоритмическая реализация, ARX, «Бабочка», максимальная разностная характеристика, максимальная линейная характеристика, степень нелинейности, 16-bit s-box, algorithmic implementation of s-boxes, ARX, Butterfly, maximum differential probability, maximum linear probability, nonlinear order

Authors

Name	Organization	E-mail
Komissarov S. M.	NRNU MEPhI	semenkomissarov@gmail.com

Всего: 1

References

Menyachikhin A. Spectral-linear and spectral-difference methods for generating cryptographically strong S-boxes // CTCrypt Preproc. Yaroslavl, 2016. P. 232-252. https://mjos.fi/doc/rus/CTCrypt2016Preproceedings.pdf

Фомичев В. М., Лолич Д. М., Юзбашев А. В. Алгоритмическая реализация s-боксов на основе модифицированных аддитивных генераторов // Прикладная дискретная математика. Приложение. 2017. №10. С. 102-104.

Бобров В. М, Комиссаров С. М. О свойствах двух классов s-боксов размера 16x16 // Прикладная дискретная математика. Приложение. 2018. №11. С. 57-61.

Jimenez R. A. Generation of 8-bit s-boxes Having Almost Optimal Cryptographic Properties Using Smaller 4-bit s-boxes and Finite Field Multiplication. Havana: Havana University, Institute of Cryptography, 2017. http://www.cs.haifa.ac.il/~orrd/LC17/paper60.pdf

Fomin D. B. New Classes of 8-bit Permutations Based on a Butterfly Structure. CTCrypt. Suzdal, 2018. https://ctcrypt.ru/files/files/2018/09_Fomin.pdf

Wood C. A. Large Substitution Boxes with Efficient Combinational Implementations. Thesis. Rochester Institute of Technology, 2013.

Daemen J. and Rijmen V. The Design of Rijndael, AES - the Advanced Encryption Standard. Springer Verlag, 2002.

AlTawy R. and Youssef A. M. A meet in the middle attack on reduced round Kuznyechik // IEICE Trans. 2015. V. 98-A. P. 2194-2198.

Park S., Sung S.H., Lee S., and Lim J. Improving the upper bound on the maximum differential and the maximum linear hull probability for SPN structures and AES // LNCS. 2003. V. 2887. P. 247-260.