A New Method for Designing Lightweight S-Boxes with High Differential and Linear Branch Numbers, and its Application

Hangi Kim, Yongjin Jeon, Giyoon Kim, Jongsung Kim, Bo Yeon Sim, Dong Guk Han, Hwajeong Seo, Seonggyeom Kim, Seokhie Hong, Jaechul Sung, Deukjo Hong

Research output: Contribution to journalArticlepeer-review

9 Citations (Scopus)

Abstract

Bit permutations are efficient linear functions often used for lightweight cipher designs. However, they have low diffusion effects, compared to word-oriented binary and maximum distance separable (MDS) matrices. Thus, the security of bit permutation-based ciphers is significantly affected by differential and linear branch numbers (DBN and LBN) of nonlinear functions. In this paper, we introduce a widely applicable method for constructing S-boxes with high DBN and LBN. Our method exploits constructions of S-boxes from smaller S-boxes and it derives/proves the required conditions for smaller S-boxes so that the DBN and LBN of the constructed S-boxes are at least 3. These conditions enable us to significantly reduce the search space required to create such S-boxes. Using the unbalanced-Bridge and unbalanced-MISTY structures, we develop a variety of new lightweight S-boxes that provide not only both DBN and LBN of at least 3 but also efficient bitsliced implementations including at most 11 nonlinear bitwise operations. The new S-boxes are the first that exhibit these characteristics.

Original languageEnglish
Pages (from-to)150592-150607
Number of pages16
JournalIEEE Access
Volume9
DOIs
Publication statusPublished - 2021

Bibliographical note

Publisher Copyright:
© 2013 IEEE.

Keywords

  • Lightweight S-boxes
  • differential and linear branch numbers
  • higher-order masking

ASJC Scopus subject areas

  • General Computer Science
  • General Materials Science
  • General Engineering

Fingerprint

Dive into the research topics of 'A New Method for Designing Lightweight S-Boxes with High Differential and Linear Branch Numbers, and its Application'. Together they form a unique fingerprint.

Cite this