Reference : Alzette: A 64-Bit ARX-box (Feat. CRAX and TRAX)
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/44260
Alzette: A 64-Bit ARX-box (Feat. CRAX and TRAX)
English
Beierle, Christof [Ruhr University Bochum > Horst Görtz Institute for IT-Security]
Biryukov, Alex [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)]
Cardoso Dos Santos, Luan [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)]
Groszschädl, Johann [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)]
Perrin, Léo [Inria, Paris]
Udovenko, Aleksei [CryptoExperts, Paris]
Velichkov, Vesselin [University of Edinburgh > School of Informatics]
Wang, Qingju [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)]
Aug-2020
Advances in Cryptology -- CRYPTO 2020, 40th Annual International Cryptology Conference, CRYPTO 2020, Santa Barbara, CA, USA, August 17-21, 2020, Proceedings, Part III
Micciancio, Daniele
Ristenpart, Thomas
Springer Verlag
Lecture Notes in Computer Science, volume 12172
419-448
Yes
International
978-3-030-56876-4
40th Annual International Cryptology Conference (CRYPTO 2020)
from 17-08-2020 to 21-08-2020
IACR
Santa Barbara, CA
USA
[en] (Tweakable) Block Cipher ; Related-Tweak Setting ; Long Trail Strategy ; Alzette ; MEDCP ; MELCC
[en] S-boxes are the only source of non-linearity in many symmetric primitives. While they are often defined as being functions operating on a small space, some recent designs propose the use of much larger ones (e.g., 32 bits). In this context, an S-box is then defined as a subfunction whose cryptographic properties can be estimated precisely. We present a 64-bit ARX-based S-box called Alzette, which can be evaluated in constant time using only 12 instructions on modern CPUs. Its parallel application can also leverage vector (SIMD) instructions. One iteration of Alzette has differential and linear properties comparable to those of the AES S-box, and two are at least as secure as the AES super S-box. As the state size is much larger than the typical 4 or 8 bits, the study of the relevant cryptographic properties of Alzette is not trivial. We further discuss how such wide S-boxes could be used to construct round functions of 64-, 128- and 256-bit (tweakable) block ciphers with good cryptographic properties that are guaranteed even in the related-tweak setting. We use these structures to design a very lightweight 64-bit block cipher (Crax) which outperforms SPECK-64/128 for short messages on micro-controllers, and a 256-bit tweakable block cipher (Trax) which can be used to obtain strong security guarantees against powerful adversaries (nonce misuse, quantum attacks).
Deutsche Forschungsgemeinschaft (DFG) ; Fonds National de la Recherche - FnR ; University of Luxembourg - UL
http://hdl.handle.net/10993/44281
10.1007/978-3-030-56877-1_15
http://link.springer.com/chapter/10.1007/978-3-030-56877-1_15
FnR ; FNR9037104 > Aleksei Udovenko > > Evaluation of Authenticated Ciphers > 01/05/2015 > 30/04/2019 > 2014

File(s) associated to this reference

Fulltext file(s):

File | Commentary | Version | Size | Access
main.pdf | | Publisher postprint | 583.92 kB | Open access


All documents in ORBilu are protected by a user license.