Journal of Shandong University (Natural Science) ›› 2018, Vol. 53 ›› Issue (7): 85-94. doi: 10.6040/j.issn.1671-9352.0.2017.566

Construction methods for a class of lightweight optimal S-boxes

LI Ang, GUAN Jie

  1. Institute of Cryptography Engineering, The PLA Information Engineering University, Zhengzhou 450001, Henan, China
  • Received: 2017-10-31  Online: 2018-07-20  Published: 2018-07-03
  • About the first author: LI Ang (born 1992), male, master's student; research interests: design and analysis of block ciphers. E-mail: liang_cipher@163.com
  • Funding: National Natural Science Foundation of China (61572516)

Abstract: S-boxes are the main nonlinear components of symmetric ciphers, and their cryptographic properties directly affect the overall security of a cipher. This paper presents a construction method for a class of 4-bit optimal S-boxes and proves that every S-box in this class falls into the same affine equivalence class, G1. For the S-boxes of this class, the differential properties, linear properties and algebraic degree are counted, and the average hardware cost is computed to be 25.6 gate equivalents (GE). On this basis, a class of 8-bit S-boxes is constructed from three-round MISTY and Feistel structures with round keys; a notion of structure-optimality is defined, and a sufficient condition for an 8-bit S-box to reach structure-optimality is given.

Key words: optimal S-boxes, Feistel structure, structure-optimality, MISTY structure, affine equivalence
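The measurements and constructions the abstract describes, as an added example that is not the paper's code: the script below computes the differential uniformity, linearity and algebraic degree of a 4-bit S-box, checks that these values are unchanged under an affine transformation (the invariance that makes membership in a class such as G1 meaningful for security), and builds 8-bit S-boxes from a 4-bit one with the three-round Feistel and MISTY structures keyed with round keys. The PRESENT S-box is used as sample input only because it is a well-known optimal 4-bit S-box; the affine matrices and round keys are arbitrary values chosen for illustration; the paper's own S-box class, its gate-count model and its structure-optimality condition are not reproduced here.

```python
"""Added example, not code from the paper: measure the cryptographic
properties the abstract counts for a 4-bit S-box, check that they are
affine invariants, and build 8-bit S-boxes from a 4-bit S-box with
three-round Feistel and MISTY structures keyed with round keys."""

# Sample input (constructed for this example): the PRESENT S-box, a
# well-known optimal 4-bit S-box.
PRESENT_SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
                0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]

# Arbitrary invertible 4x4 binary matrices (rows as bitmasks) and round
# keys, chosen for illustration only.
A_SAMPLE = [0b0011, 0b0010, 0b1100, 0b1000]
B_SAMPLE = [0b0001, 0b0011, 0b0101, 0b1001]
ROUND_KEYS = [0x1, 0x7, 0xC]


def parity(v):
    return bin(v).count("1") & 1


def is_permutation(sbox):
    return sorted(sbox) == list(range(len(sbox)))


def differential_uniformity(sbox):
    """Largest DDT entry over nonzero input differences; 4 is the best a
    4-bit permutation can reach."""
    n, best = len(sbox), 0
    for a in range(1, n):
        row = [0] * n
        for x in range(n):
            row[sbox[x] ^ sbox[x ^ a]] += 1
        best = max(best, max(row))
    return best


def walsh_spectrum(signs):
    """Fast Walsh-Hadamard transform of a +1/-1 sequence."""
    spec, h = list(signs), 1
    while h < len(spec):
        for i in range(0, len(spec), 2 * h):
            for j in range(i, i + h):
                u, v = spec[j], spec[j + h]
                spec[j], spec[j + h] = u + v, u - v
        h <<= 1
    return spec


def linearity(sbox):
    """Largest |Walsh coefficient| over all nonzero output masks; the
    nonlinearity is (n - linearity) / 2, so 8 means nonlinearity 4 for n = 16."""
    n, best = len(sbox), 0
    for b in range(1, n):
        spec = walsh_spectrum([1 - 2 * parity(b & sbox[x]) for x in range(n)])
        best = max(best, max(abs(w) for w in spec))
    return best


def mobius(truth_table):
    """Moebius transform: truth table -> ANF coefficients indexed by monomial."""
    anf, step = list(truth_table), 1
    while step < len(anf):
        for i in range(len(anf)):
            if i & step:
                anf[i] ^= anf[i ^ step]
        step <<= 1
    return anf


def algebraic_degree(sbox):
    """Degree of the S-box = maximum degree of its coordinate functions."""
    n, bits, deg = len(sbox), len(sbox).bit_length() - 1, 0
    for out_bit in range(bits):
        anf = mobius([(sbox[x] >> out_bit) & 1 for x in range(n)])
        deg = max([deg] + [bin(u).count("1") for u in range(n) if anf[u]])
    return deg


def mat_vec(matrix, v):
    """Binary matrix (list of row bitmasks) times vector over GF(2)."""
    return sum(parity(row & v) << i for i, row in enumerate(matrix))


def affine_equivalent(sbox, A, a, B, b):
    """x -> B * S(A * x ^ a) ^ b: an S-box in the same affine equivalence class."""
    return [mat_vec(B, sbox[mat_vec(A, x) ^ a]) ^ b for x in range(len(sbox))]


def feistel_8bit(sbox, keys):
    """Three-round Feistel: (L, R) -> (R, L ^ S(R ^ k)); a permutation for any S."""
    table = []
    for x in range(256):
        left, right = x >> 4, x & 0xF
        for k in keys:
            left, right = right, left ^ sbox[right ^ k]
        table.append((left << 4) | right)
    return table


def misty_8bit(sbox, keys):
    """Three-round MISTY: (L, R) -> (R, S(L ^ k) ^ R); a permutation iff S is."""
    table = []
    for x in range(256):
        left, right = x >> 4, x & 0xF
        for k in keys:
            left, right = right, sbox[left ^ k] ^ right
        table.append((left << 4) | right)
    return table


def profile(sbox):
    return {"bijective": is_permutation(sbox),
            "diff_uniformity": differential_uniformity(sbox),
            "linearity": linearity(sbox),
            "degree": algebraic_degree(sbox)}


if __name__ == "__main__":
    print("PRESENT 4-bit  :", profile(PRESENT_SBOX))
    print("affine twin    :", profile(affine_equivalent(PRESENT_SBOX, A_SAMPLE, 0x5, B_SAMPLE, 0xA)))
    print("3-round Feistel:", profile(feistel_8bit(PRESENT_SBOX, ROUND_KEYS)))
    print("3-round MISTY  :", profile(misty_8bit(PRESENT_SBOX, ROUND_KEYS)))
```

The same three property functions profile the 4-bit input and the 8-bit output, which is what makes the two halves of the abstract comparable. Note why the 8-bit Feistel result cannot be as good, relative to its size, as the 4-bit S-box it is built from: an input difference (α, 0) passes the first round unchanged, and as the 8-bit input ranges over all 256 values the inputs to the second and third round functions range over all 16 × 16 pairs, so the best DDT entry of the construction is at least 4 · 2 = 8 when the round function has differential uniformity 4 and is bijective. Round keys XORed before the S-box shift its input but leave the DDT untouched, so they do not change this bound either; that is why a structure-optimality condition of the kind the paper gives concerns which constructions meet the bounds their structure allows.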

CLC number: TN918