Reference : Alzette: A 64-bit ARX-box
E-prints/Working papers : Already available on another site
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/41994
Alzette: A 64-bit ARX-box
English
Beierle, Christof [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > > ; Ruhr-Universität Bochum - RUB > Horst Gortz Institute for IT Security]
Biryukov, Alex mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) > ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)]
Cardoso Dos Santos, Luan [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Groszschädl, Johann mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Perrin, Léo Paul [Inria, Paris, France]
Udovenko, Aleksei [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) >]
Velichkov, Vesselin [University of Edinburgh]
Wang, Qingju [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
2019
No
[en] Symmetric Cryptography ; Addition-Rotation-XOR (ARX) ; Cryptographic Permutation ; Substitution-Box ; Linear Cryptanalysis ; Differential Cryptanalysis
[en] S-boxes are the only source of non-linearity in many symmetric primitives. While they are often defined as being functions operating on a small space, some recent designs propose the use of much larger ones (e.g., 32 bits). In this context, an S-box is then defined as a subfunction whose cryptographic properties can be estimated precisely. In this paper, we present a 64-bit ARX-based S-box called Alzette, which can be evaluated in constant time using only 12 instructions on modern CPUs. Its parallel application can also leverage vector (SIMD) instructions. One iteration of Alzette has differential and linear properties comparable to those of the AES S-box, while two iterations are at least as secure as the AES super S-box. Since the state size is much larger than the typical 4 or 8 bits, the study of the relevant cryptographic properties of Alzette is not trivial.
Fonds National de la Recherche - FnR ; University of Luxembourg - UL
FDISC
Researchers ; Professionals ; Students
http://hdl.handle.net/10993/41994
https://eprint.iacr.org/2019/1378
FnR ; FNR9037104 > Aleksei Udovenko > > Evaluation of Authenticated Ciphers > 01/05/2015 > 30/04/2019 > 2014

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
preprint.pdfAuthor preprint427.43 kBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.