Abstract
The linear layer, which is essentially a binary non-singular matrix, is an integral part of cipher construction in a lot of private key ciphers. As a result, optimising the linear layer for device implementation has been an important research direction for about two decades. Boyar-Peralta's algorithm (SEA'10) is one such common algorithm, which offers significant improvement over the straightforward implementation. This algorithm only returns implementations with XOR2 gates, and is deterministic. Over the last couple of years, some improvements over this algorithm have been proposed, so as to add support for XOR3 gates as well as to make it randomised. In this work, we take an existing improvement (Tan and Peyrin, TCHES'20) that allows randomised execution and extend it to support three-input XOR gates. This complements the other work done in this direction (Banik et al., IWSEC'19), which also supports XOR3 gates with randomised execution. Further, following another work (Maximov, Eprint'19), we include one additional tie-breaker condition in the original Boyar-Peralta algorithm. Our work thus collates and extends the state of the art, and at the same time offers a simpler interface. We show several results that improve on the previously best-known results.
This paper combines and extends [5, 6, 10]. An extended version of this paper is available at [3]. The first author would like to thank Sylvain Guilley (Télécom-Paris; Secure-IC) for providing the gate costs in the STM 130 nm (ASIC4) library.
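As an added illustration (not the authors' tool linked in the notes, and without the XOR3 support, randomisation or extra tie-breaker this paper contributes), here is the plain Boyar-Peralta XOR2 heuristic from SEA'10 run on a constructed 4x4 matrix: the distance of a row is the fewest XOR2 gates needed to build it from the signals known so far, each step adds the pair-XOR that minimises the distance sum with the larger Euclidean norm as tie-breaker, and an exhaustive check confirms the circuit. The matrix, signal encoding and function names are assumptions of this example.

```python
from collections import deque
from itertools import combinations
# Constructed 4x4 binary matrix: row i = bitmask of inputs x_0..x_3 XORed into output i.
N = 4
ROWS = [0b0111, 0b1110, 0b1101, 0b1011]   # naive implementation: 8 XOR2 gates

def distances(base, rows):
    """Fewest XOR2 gates per row from `base`: BFS over GF(2)^n, base signals as generators."""
    dist, queue = {0: 0}, deque([0])
    while queue:
        v = queue.popleft()
        for b in base:
            if v ^ b not in dist:
                dist[v ^ b] = dist[v] + 1
                queue.append(v ^ b)
    return [max(dist[r] - 1, 0) for r in rows]   # k signals XORed need k-1 gates

def boyar_peralta(rows, n):
    """Greedy SEA'10 heuristic; returns gates (out, a, b) meaning out = a ^ b."""
    base = [1 << i for i in range(n)]          # the inputs are free signals
    dist, gates = distances(base, rows), []
    while any(dist):
        best = None
        for a, b in combinations(base, 2):      # every XOR2 of two known signals
            new = a ^ b
            if new in base:                     # already available, costs nothing
                continue
            cand = distances(base + [new], rows)
            # minimise the distance sum; break ties by the larger Euclidean norm
            key = (sum(cand), -sum(d * d for d in cand))
            if best is None or key < best[0]:
                best = (key, new, a, b, cand)
        _, new, a, b, dist = best
        base.append(new)
        gates.append((new, a, b))
    return gates

def check(rows, n, gates):
    """Exhaustively verify that the circuit computes <row, x> over GF(2) for all x."""
    for x in range(1 << n):
        val = {1 << i: (x >> i) & 1 for i in range(n)}
        for out, a, b in gates:
            val[out] = val[a] ^ val[b]
        if any(val.get(r) != bin(r & x).count("1") & 1 for r in rows):
            return False
    return True

if __name__ == "__main__":
    g = boyar_peralta(ROWS, N)
    print(len(g), "XOR2 gates, correct:", check(ROWS, N, g), g)
```

For this matrix the heuristic finds a 6-gate circuit (two shared intermediate signals plus one gate per output) against 8 for the naive implementation.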
Notes
- 1. Available at https://bitbucket.org/vdasu_edu/boyar-peralta-xor3/.
- 2. The algorithm in [10], with the kind permission of the authors, is available within our implementation (the relevant source code was written by us).
References
Albrecht, M.R., Driessen, B., Kavun, E.B., Leander, G., Paar, C., Yalçın, T.: Block ciphers – focus on the linear layer (feat. PRIDE). In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8616, pp. 57–76. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44371-2_4
Avanzi, R.: The QARMA block cipher family. Almost MDS matrices over rings with zero divisors, nearly symmetric Even-Mansour constructions with non-involutory central rounds, and search heuristics for low-latency s-boxes. IACR Trans. Symmetric Cryptol. 2017(1), 4–44 (2017). https://doi.org/10.13154/tosc.v2017.i1.4-44
Baksi, A., Dasu, V.A., Karmakar, B., Chattopadhyay, A., Isobe, T.: Three input exclusive-or gate support for Boyar-Peralta’s algorithm (extended version). Cryptology ePrint Archive, Report 2021/1400 (2021). https://ia.cr/2021/1400
Baksi, A., Jang, K., Song, G., Seo, H., Xiang, Z.: Quantum implementation and resource estimates for rectangle and knot. Cryptology ePrint Archive, Report 2021/982 (2021). https://ia.cr/2021/982
Baksi, A., Karmakar, B., Dasu, V.A.: POSTER: optimizing device implementation of linear layers with automated tools. In: Zhou, J., et al. (eds.) ACNS 2021. LNCS, vol. 12809, pp. 500–504. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-81645-2_30
Baksi, A., Karmakar, B., Dasu, V.A., Saha, D., Chattopadhyay, A.: Further insights on implementation of the linear layer. In: SILC Workshop-Security and Implementation of Lightweight Cryptography (2021)
Baksi, A., Karmakar, B., Dasu, V.A., Saha, D., Chattopadhyay, A.: Further insights on implementation of the linear layer. In: SILC Workshop - Security and Implementation of Lightweight Cryptography (2021). https://www.esat.kuleuven.be/cosic/events/silc2020/wp-content/uploads/sites/4/2020/10/Submission1.pdf
Baksi, A., Pudi, V., Mandal, S., Chattopadhyay, A.: Lightweight ASIC implementation of AEGIS-128, pp. 251–256 (2018). https://doi.org/10.1109/ISVLSI.2018.00054
Banik, S., et al.: Midori: a block cipher for low energy (extended version). Cryptology ePrint Archive, Report 2015/1142 (2015). https://eprint.iacr.org/2015/1142
Banik, S., Funabiki, Y., Isobe, T.: More results on shortest linear programs. Cryptology ePrint Archive, Report 2019/856 (2019). https://eprint.iacr.org/2019/856
Barreto, P.S.L.M., Rijmen, V.: The Anubis block cipher (2000). Submission to NESSIE project. https://www.cosic.esat.kuleuven.be/nessie/workshop/submissions/anubis.zip
Borghoff, J., et al.: PRINCE – a low-latency block cipher for pervasive computing applications. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 208–225. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34961-4_14
Boyar, J., Peralta, R.: A new combinational logic minimization technique with applications to cryptology. In: Festa, P. (ed.) SEA 2010. LNCS, vol. 6049, pp. 178–189. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13193-6_16
Cid, C., Murphy, S., Robshaw, M.J.B.: Small scale variants of the AES. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 145–162. Springer, Heidelberg (2005). https://doi.org/10.1007/11502760_10
Dasu, V.A., Baksi, A., Sarkar, S., Chattopadhyay, A.: LIGHTER-R: optimized reversible circuit implementation for s-boxes. In: 32nd IEEE International System-on-Chip Conference, SOCC 2019, Singapore, 3–6 September 2019, pp. 260–265 (2019). https://doi.org/10.1109/SOCC46988.2019.1570548320
Jean, J., Nikolić, I., Peyrin, T.: Joltik v1.3 (2015). Submission to the CAESAR competition. http://www1.spms.ntu.edu.sg/~syllab/Joltik
Jean, J., Peyrin, T., Sim, S.M., Tourteaux, J.: Optimizing implementations of lightweight building blocks. IACR Trans. Symmetric Cryptol. 2017(4), 130–168 (2017). https://doi.org/10.13154/tosc.v2017.i4.130-168
Khoo, K., Peyrin, T., Poschmann, A.Y., Yap, H.: FOAM: searching for hardware-optimal SPN structures and components with a fair comparison. In: Batina, L., Robshaw, M. (eds.) CHES 2014. LNCS, vol. 8731, pp. 433–450. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44709-3_24
Kölsch, L.: XOR-counts and lightweight multiplication with fixed elements in binary finite fields. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11476, pp. 285–312. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17653-2_10
Lin, D., Xiang, Z., Zeng, X., Zhang, S.: A framework to optimize implementations of matrices. In: Paterson, K.G. (ed.) CT-RSA 2021. LNCS, vol. 12704, pp. 609–632. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-75539-3_25
Maximov, A.: AES mixcolumn with 92 XOR gates. Cryptology ePrint Archive, Report 2019/833 (2019). https://eprint.iacr.org/2019/833
Schneier, B., Kelsey, J., Whiting, D., Wagner, D., Hall, C., Ferguson, N.: Twofish: a 128-bit block cipher (1998). https://www.schneier.com/academic/paperfiles/paper-twofish-paper.pdf
Shirai, T., Shibutani, K., Akishita, T., Moriai, S., Iwata, T.: The 128-bit blockcipher CLEFIA (extended abstract). In: Biryukov, A. (ed.) FSE 2007. LNCS, vol. 4593, pp. 181–195. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74619-5_12
Tan, Q.Q., Peyrin, T.: Improved heuristics for short linear programs. Cryptology ePrint Archive, Report 2019/847 (2019). https://eprint.iacr.org/2019/847
Xiang, Z., Zeng, X., Lin, D., Bao, Z., Zhang, S.: Optimizing implementations of linear layers. Cryptology ePrint Archive, Report 2020/903 (2020). https://eprint.iacr.org/2020/903
© 2021 Springer Nature Switzerland AG
Cite this paper
Baksi, A., Dasu, V.A., Karmakar, B., Chattopadhyay, A., Isobe, T. (2021). Three Input Exclusive-OR Gate Support for Boyar-Peralta's Algorithm. In: Adhikari, A., Küsters, R., Preneel, B. (eds) Progress in Cryptology – INDOCRYPT 2021. INDOCRYPT 2021. Lecture Notes in Computer Science, vol 13143. Springer, Cham. https://doi.org/10.1007/978-3-030-92518-5_7
DOI: https://doi.org/10.1007/978-3-030-92518-5_7
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-92517-8
Online ISBN: 978-3-030-92518-5