Gimli : A Cross-Platform Permutation

  • Daniel J. Bernstein
  • Stefan Kölbl
  • Stefan Lucks
  • Pedro Maat Costa Massolino
  • Florian Mendel
  • Kashif Nawaz
  • Tobias Schneider
  • Peter Schwabe
  • François-Xavier Standaert
  • Yosuke Todo
  • Benoît Viguier
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10529)

Abstract

This paper presents Gimli, a 384-bit permutation designed to achieve high security with high performance across a broad range of platforms, including 64-bit Intel/AMD server CPUs, 64-bit and 32-bit ARM smartphone CPUs, 32-bit ARM microcontrollers, 8-bit AVR microcontrollers, FPGAs, ASICs without side-channel protection, and ASICs with side-channel protection.

Keywords

Intel, AMD, ARM Cortex-A, ARM Cortex-M, AVR, FPGA, ASIC, Side channels, The eyes of a hawk and the ears of a fox

Copyright information

© International Association for Cryptologic Research 2017

Authors and Affiliations

  • Daniel J. Bernstein (1)
  • Stefan Kölbl (2)
  • Stefan Lucks (3)
  • Pedro Maat Costa Massolino (4)
  • Florian Mendel (5)
  • Kashif Nawaz (6)
  • Tobias Schneider (7)
  • Peter Schwabe (4)
  • François-Xavier Standaert (6)
  • Yosuke Todo (8)
  • Benoît Viguier (4)

  1. University of Illinois at Chicago, Chicago, USA
  2. Technical University of Denmark, Kongens Lyngby, Denmark
  3. Bauhaus-Universität Weimar, Weimar, Germany
  4. Radboud University, Nijmegen, Netherlands
  5. Graz University of Technology, Graz, Austria
  6. Université Catholique de Louvain, Louvain-la-Neuve, Belgium
  7. Ruhr-University Bochum, Bochum, Germany
  8. NTT Secure Platform Laboratories, Tokyo, Japan