A New Method for Designing Lightweight S-Boxes With High Differential and Linear Branch Numbers, and its Application

Hangi Kim; Yongjin Jeon; Giyoon Kim; Jongsung Kim; Bo-Yeon Sim; Dong-Guk Han; Hwajeong Seo; Seonggyeom Kim; Seokhie Hong; Jaechul Sung; Deukjo Hong

doi:10.1109/ACCESS.2021.3126008

IEEE Access (Jan 2021)

A New Method for Designing Lightweight S-Boxes With High Differential and Linear Branch Numbers, and its Application

Hangi Kim,
Yongjin Jeon,
Giyoon Kim,
Jongsung Kim,
Bo-Yeon Sim,
Dong-Guk Han,
Hwajeong Seo,
Seonggyeom Kim,
Seokhie Hong,
Jaechul Sung,
Deukjo Hong

Affiliations

Hangi Kim: Department of Financial Information Security, Kookmin University, Seoul, Republic of Korea
Yongjin Jeon: ORCiD; Department of Financial Information Security, Kookmin University, Seoul, Republic of Korea
Giyoon Kim: Department of Financial Information Security, Kookmin University, Seoul, Republic of Korea
Jongsung Kim: ORCiD; Department of Financial Information Security, Kookmin University, Seoul, Republic of Korea
Bo-Yeon Sim: Intelligent Convergence Research Laboratory, Electronics and Telecommunications Research Institute, Daejeon, Republic of Korea
Dong-Guk Han: ORCiD; Department of Financial Information Security, Kookmin University, Seoul, Republic of Korea
Hwajeong Seo: ORCiD; Division of IT Convergence Engineering, Hansung University, Seoul, Republic of Korea
Seonggyeom Kim: ORCiD; School of Cybersecurity, Korea University, Seoul, Republic of Korea
Seokhie Hong: ORCiD; School of Cybersecurity, Korea University, Seoul, Republic of Korea
Jaechul Sung: ORCiD; Department of Mathematics, University of Seoul, Seoul, Republic of Korea
Deukjo Hong: Department of Information Technology and Engineering, Jeonbuk National University, Jeonju, Republic of Korea

DOI: https://doi.org/10.1109/ACCESS.2021.3126008
Journal volume & issue: Vol. 9
pp. 150592 – 150607

Abstract

Read online

Bit permutations are efficient linear functions often used for lightweight cipher designs. However, they have low diffusion effects, compared to word-oriented binary and maximum distance separable (MDS) matrices. Thus, the security of bit permutation-based ciphers is significantly affected by differential and linear branch numbers (DBN and LBN) of nonlinear functions. In this paper, we introduce a widely applicable method for constructing S-boxes with high DBN and LBN. Our method exploits constructions of S-boxes from smaller S-boxes and it derives/proves the required conditions for smaller S-boxes so that the DBN and LBN of the constructed S-boxes are at least 3. These conditions enable us to significantly reduce the search space required to create such S-boxes. Using the unbalanced-Bridge and unbalanced-MISTY structures, we develop a variety of new lightweight S-boxes that provide not only both DBN and LBN of at least 3 but also efficient bitsliced implementations including at most 11 nonlinear bitwise operations. The new S-boxes are the first that exhibit these characteristics.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords