Skip to main content
SpringerLink
Log in

RAMus- A New Lightweight Block Cipher for RAM Encryption

  • Conference paper
  • First Online:
Security and Cryptography for Networks (SCN 2022)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13409))

Included in the following conference series:

  • 759 Accesses

Abstract

Over the past decades, there has been a dramatic increase of the attacks recovering the data from the RAM memory. These have heightened the need for new solutions and primitives suitable for the encryption of this information. In this paper we introduce RAMus, a new tweakable lightweight block cipher whose properties support its usage for securing the RAM memory. In this sense, RAMus attains all the requirements provided by the (German) Federal Office of Information Security (BSI) in the domain of encryption algorithms suitable for RAM and memory encryption. The design strategy of RAMus is inspired from the LS-approach. Compared to the literature, in our proposal the linear layer is replaced by a second Sbox layer. In RAMus, the diffusion is ensured by the Sbox layers, which use Sboxes with a non-trivial branch number.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 89.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 119.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Methodology for cryptographic rating of memory encryption schemes used in smartcards and similar devices. https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Interpretationen/AIS_46_MEGuide_e_pdf.pdf. Accessed 20 Feb 2022

  2. Present C implementation. https://github.com/kurtfu/present. Accessed 23 Feb 2022

  3. PRINCEv2 C implementation. https://github.com/rub-hgi/princev2/tree/main/code. Accessed 14 Nov 2021

  4. Qarma-64 C implementation. https://github.com/Phantom1003/QARMA64. Accessed 14 Nov 2021

  5. Skinny C implementation. https://docs.google.com/viewer?a=v &pid=sites &srcid=ZGVmYXVsdGRvbWFpbnxza2lubnljaXBoZXJ8Z3g6NTEwY2I1MGFkZGNjMDU0MQ. Accessed 23 Feb 2022

  6. FIPS Publication 46–3, Data Encryption Standard ( DES). https://csrc.nist.gov/csrc/media/publications/fips/46/3/archive/1999-10-25/documents/fips46-3.pdf

  7. Albrecht, M.R., Driessen, B., Kavun, E.B., Leander, G., Paar, C., Yalçın, T.: Block ciphers – focus on the linear layer (feat. PRIDE). In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8616, pp. 57–76. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44371-2_4

    Chapter  Google Scholar 

  8. AlTawy, R., et al.: SpoC: an authenticated cipher submission to the NIST LWC competition (2019). https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/round-2/spec-doc-rnd2/spoc-spec-round2.pdf

  9. AlTawy, R., Gong, G., He, M., Mandal, K., Rohit, R.: Spix: an authenticated cipher submission to the NIST LWC competition (2019). https://csrc.nist.gov/CSRC/media/Projects/Lightweight-Cryptography/documents/round-1/spec-doc/spix-spec.pdf

  10. Avanzi, R.: The QARMA block cipher family. Almost MDS matrices over rings with zero divisors, nearly symmetric Even-Mansour constructions with non-involutory central rounds, and search heuristics for low-latency S-boxes. IACR Trans. Symm. Cryptol., 4–44 (2017)

    Google Scholar 

  11. Azimi, S.A., Ranea, A., Salmasizadeh, M., Mohajeri, J., Aref, M.R., Rijmen, V.: A bit-vector differential model for the modular addition by a constant. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020. LNCS, vol. 12491, pp. 385–414. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64837-4_13

    Chapter  Google Scholar 

  12. Beierle, C., et al.: The SKINNY family of block ciphers and its low-latency variant MANTIS. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9815, pp. 123–153. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53008-5_5

    Chapter  Google Scholar 

  13. Bernstein, D.J., et al.: Gimli: a cross-platform permutation. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 299–320. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66787-4_15

    Chapter  Google Scholar 

  14. Biham, E.: On Matsui’s linear cryptanalysis. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 341–355. Springer, Heidelberg (1995). https://doi.org/10.1007/BFb0053449

    Chapter  Google Scholar 

  15. Biham, E., Anderson, R., Knudsen, L.: Serpent: a new block cipher proposal. In: Vaudenay, S. (ed.) FSE 1998. LNCS, vol. 1372, pp. 222–238. Springer, Heidelberg (1998). https://doi.org/10.1007/3-540-69710-1_15

    Chapter  Google Scholar 

  16. Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. J. Cryptol. 4(1), 3–72 (1991)

    Article  MathSciNet  Google Scholar 

  17. Bilgin, B., Meyer, L.D., Duval, S., Levi, I., Standaert, F.: Low AND depth and efficient inverses: a guide on s-boxes for low-latency masking. IACR Trans. Symm. Cryptol. 2020(1), 144–184 (2020)

    Article  Google Scholar 

  18. Bogdanov, A., et al.: PRESENT: an ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74735-2_31

    Chapter  Google Scholar 

  19. Borghoff, J., et al.: PRINCE – a low-latency block cipher for pervasive computing applications. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 208–225. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34961-4_14

    Chapter  Google Scholar 

  20. Boss, E., Grosso, V., Güneysu, T., Leander, G., Moradi, A., Schneider, T.: Strong 8-bit Sboxes with efficient masking in hardware extended version. J. Cryptogr. Eng. 7, 1–17 (2017)

    Article  Google Scholar 

  21. Chabaud, F., Vaudenay, S.: Links between differential and linear cryptanalysis. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 356–365. Springer, Heidelberg (1995). https://doi.org/10.1007/BFb0053450

    Chapter  Google Scholar 

  22. Daemen, J., Govaerts, R., Vandewalle, J.: Correlation matrices. In: Preneel, B. (ed.) FSE 1994. LNCS, vol. 1008, pp. 275–285. Springer, Heidelberg (1995). https://doi.org/10.1007/3-540-60590-8_21

    Chapter  Google Scholar 

  23. Daemen, J., Rijmen, V.: The Design of Rijndael. Springer, Heidelberg (2020). https://doi.org/10.1007/978-3-662-60769-5

    Book  MATH  Google Scholar 

  24. Dobraunig, C., Eichlseder, M., Mendel, F., Schläffer, M.: ASCON v1. 2. Submission to the CAESAR Competition (2016)

    Google Scholar 

  25. Grosso, V., Leurent, G., Standaert, F.X., Varc, K.: LS-Designs: bitslice encryption for efficient masked software implementations, vol. 8540 (2014)

    Google Scholar 

  26. Gruhn, M., Müller, T.: On the practicability of cold boot attacks. In: 2013 International Conference on Availability, Reliability and Security, pp. 390–397 (2013)

    Google Scholar 

  27. Joy Persial, G., Prabhu, M., Shanmugalakshmi, R.: Side channel attack-survey. Int. J. Adv. Sci. Res. Rev. 1(4), 54–57 (2011)

    Google Scholar 

  28. Kim, H., et al.: A new method for designing lightweight S-boxes with high differential and linear branch numbers, and its application. IACR Cryptol. ePrint Arch. 2020, 1582 (2020)

    Google Scholar 

  29. Knudsen, L., Wagner, D.: Integral cryptanalysis. In: Daemen, J., Rijmen, V. (eds.) FSE 2002. LNCS, vol. 2365, pp. 112–127. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45661-9_9

    Chapter  Google Scholar 

  30. Liu, Y., Rijmen, V., Leander, G.: Nonlinear diffusion layers. Des. Codes Cryptogr. 86(11), 2469–2484 (2018)

    Article  MathSciNet  Google Scholar 

  31. Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48285-7_33

    Chapter  Google Scholar 

  32. Meyer, L.D., Varici, K.: More constructions for strong 8-bit S-boxes with efficient masking in hardware (2017)

    Google Scholar 

  33. Mourouzis, T.: Optimizations in algebraic and differential cryptanalysis. Ph.D. thesis, UCL (University College London) (2015)

    Google Scholar 

  34. Nikova, S., Rechberger, C., Rijmen, V.: Threshold implementations against side-channel attacks and glitches. In: Ning, P., Qing, S., Li, N. (eds.) ICICS 2006. LNCS, vol. 4307, pp. 529–545. Springer, Heidelberg (2006). https://doi.org/10.1007/11935308_38

    Chapter  MATH  Google Scholar 

  35. Ruisanchez, C.P.: A new algorithm to construct S-boxes with high diffusion. Int. J. Soft Comput. Math. Control (IJSCMC) 4(3), 41–50 (2015)

    Google Scholar 

  36. Saarinen, M.-J.O.: Cryptographic analysis of All 4\(\times \) 4-bit S-boxes. In: Miri, A., Vaudenay, S. (eds.) SAC 2011. LNCS, vol. 7118, pp. 118–133. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-28496-0_7

    Chapter  Google Scholar 

  37. Sarkar, S., Mandal, K., Saha, D.: On the relationship between resilient boolean functions and linear branch number of S-boxes. In: Hao, F., Ruj, S., Sen Gupta, S. (eds.) INDOCRYPT 2019. LNCS, vol. 11898, pp. 361–374. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-35423-7_18

    Chapter  Google Scholar 

  38. Sarkar, S., Syed, H.: Bounds on differential and linear branch number of permutations. In: Susilo, W., Yang, G. (eds.) ACISP 2018. LNCS, vol. 10946, pp. 207–224. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-93638-3_13

    Chapter  MATH  Google Scholar 

  39. Stern, J., Vaudenay, S.: CS-Cipher. In: Vaudenay, S. (ed.) FSE 1998. LNCS, vol. 1372, pp. 189–204. Springer, Heidelberg (1998). https://doi.org/10.1007/3-540-69710-1_13

    Chapter  Google Scholar 

  40. Stewin, P., Bystrov, I.: Understanding DMA malware (2012)

    Google Scholar 

  41. Todo, Y.: Structural evaluation by generalized integral property. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 287–314. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46800-5_12

    Chapter  Google Scholar 

  42. Vaudenay, S.: On the security of CS-cipher. In: Knudsen, L. (ed.) FSE 1999. LNCS, vol. 1636, pp. 260–274. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48519-8_19

    Chapter  Google Scholar 

  43. Xiang, Z., Zhang, W., Bao, Z., Lin, D.: Applying MILP method to searching integral distinguishers based on division property for 6 lightweight block ciphers. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10031, pp. 648–678. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53887-6_24

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. imec-COSIC, Department of Electrical Engineering (ESAT), KU Leuven, Leuven, Belgium

    Raluca Posteuca & Vincent Rijmen

  2. Department of Informatics, University of Bergen, 5020, Bergen, Norway

    Vincent Rijmen

Authors
  1. Raluca Posteuca
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Vincent Rijmen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Raluca Posteuca .

Editor information

Editors and Affiliations

  1. Università degli Studi di Salerno, Fisciano, Italy

    Clemente Galdi

  2. University of California at Irvine, Irvine, CA, USA

    Stanislaw Jarecki

Appendices

Appendix 1. The Byte Description of the Sbox S

Table 4. The Sbox S. The output associated to the hexadecimal input xy can be depicted from the intersection of the row x0 and the column 0y. For example, \(S(c2) = 5d\).
Full size table

Appendix 2. The Integral Distinguisher Described in Sect. 6.3

We recall that, for this distinguisher, the first row is “active”, with the additional constraint that the tweak is equal to the plaintext.

Fig. 9.
figure 9

The 3-round integral distinguisher described in Sect. 6.3.

Full size image

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Posteuca, R., Rijmen, V. (2022). RAMus- A New Lightweight Block Cipher for RAM Encryption. In: Galdi, C., Jarecki, S. (eds) Security and Cryptography for Networks. SCN 2022. Lecture Notes in Computer Science, vol 13409. Springer, Cham. https://doi.org/10.1007/978-3-031-14791-3_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-14791-3_4

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-14790-6

  • Online ISBN: 978-3-031-14791-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation