Abstract
The widespread advent of the Internet-of-Things has motivated new design strategies for lightweight block ciphers. In particular, security against traditional cryptanalysis should ideally be complemented by resistance to side-channel attacks, while adhering to low area and power budgets. At FSE 2018, Ghoshal et al. proposed a dedicated design strategy, based on Cellular Automata (CA), for S-Boxes that are amenable to side-channel secure threshold implementations. However, CA-based S-Boxes lack the BOGI property and have low branch numbers, which leaves them vulnerable to classical cryptanalysis. In this paper, we address the vulnerabilities of these weak S-Boxes by complementing them with an ultra-lightweight linear layer and, on that basis, build \(\textsf {LbT} \) (Light but Tight), an area-efficient and side-channel resilient family of block ciphers. The super-optimal CA-rule-based S-Box layer is complemented with a linear layer consisting of a shuffle of cells followed by multiplication with an ultra-lightweight almost-MDS matrix that costs only 6 XOR gates. This ensures high diffusion at minimal area overhead. We thereby show that these S-Boxes are not inherently weak: complemented with a suitable linear layer, they yield a cipher design that is cryptographically strong as well as lightweight. Overall, the TI-protected circuit of \(\textsf {LbT} \) requires an area footprint of only 3063 GE, which is \(12\%\) lower than any first-order side-channel protected implementation among the existing lightweight block ciphers. Finally, we illustrate that LbT-64-128 achieves a reasonable throughput compared to other lightweight block ciphers.
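As an added illustration (not code from the paper), the following Python shows what "almost-MDS with 6 XOR gates" means for the diffusion layer described above: it computes the differential branch number of a 4x4 binary matrix over nibbles and evaluates one such matrix as a 6-XOR circuit. The matrix used is the Midori-style circulant, assumed here for illustration; the abstract does not give LbT's own matrix, so this one is not claimed to be it.

```python
from itertools import product
# Constructed example: the circulant (0,1,1,1) binary matrix used by Midori,
# assumed here to illustrate "almost-MDS at 6 XORs". The page does not give
# LbT's own matrix, so this one is not claimed to be it.
# M[i][j] = 1 means output word i XORs in input word j.
M_ALMOST_MDS = [[0, 1, 1, 1], [1, 0, 1, 1], [1, 1, 0, 1], [1, 1, 1, 0]]
IDENTITY = [[int(i == j) for j in range(4)] for i in range(4)]

def apply_matrix(m, words):
    """Binary matrix times a vector of words; GF(2) addition is XOR."""
    out = []
    for row in m:
        acc = 0
        for coeff, w in zip(row, words):
            if coeff:
                acc ^= w
        out.append(acc)
    return out

def six_xor_almost_mds(a, b, c, d):
    """M_ALMOST_MDS as a straight-line circuit: 6 word-XORs, not the naive 8,
    because the partial sums a^b and c^d are each reused twice."""
    t1 = a ^ b  # XOR 1
    t2 = c ^ d  # XOR 2
    return [b ^ t2,  # XOR 3: b + c + d
            a ^ t2,  # XOR 4: a + c + d
            t1 ^ d,  # XOR 5: a + b + d
            t1 ^ c]  # XOR 6: a + b + c

def six_xor_matches_matrix(width=4):
    """Exhaustively check the 6-XOR circuit against the matrix product."""
    return all(six_xor_almost_mds(*v) == apply_matrix(M_ALMOST_MDS, v)
               for v in product(range(1 << width), repeat=4))

def differential_branch_number(m, width=4):
    """Smallest (#active input words + #active output words) over non-zero
    inputs. With 4 words, 5 is MDS, 4 is almost-MDS, 2 means no diffusion."""
    best = 2 * len(m) + 1
    for words in product(range(1 << width), repeat=len(m)):
        if not any(words):
            continue
        active = sum(1 for w in words if w)
        active += sum(1 for w in apply_matrix(m, words) if w)
        best = min(best, active)
        if best == 2:  # can't go lower for an invertible map; stop early
            break
    return best
```

Running the checker on the constructed matrix gives branch number 4 (almost-MDS) versus 2 for the identity, which is the diffusion gap the abstract's linear layer is meant to close.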
References
Daemen, J., Rijmen, V.: AES proposal: Rijndael. Gaithersburg, MD, USA (1999)
Andreeva, E., et al.: Primates v1. Submission to the CAESAR Competition (2014)
Banik, S., Bogdanov, A., Regazzoni, F.: Exploring energy efficiency of lightweight block ciphers. In: Dunkelman, O., Keliher, L. (eds.) SAC 2015. LNCS, vol. 9566, pp. 178–194. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-31301-6_10
Banik, S., Funabiki, Y., Isobe, T.: More results on shortest linear programs. In: Attrapadung, N., Yagi, T. (eds.) IWSEC 2019. LNCS, vol. 11689, pp. 109–128. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26834-3_7
Banik, S., Pandey, S.K., Peyrin, T., Sasaki, Yu., Sim, S.M., Todo, Y.: GIFT: a small present. Towards reaching the limit of lightweight encryption. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 321–345. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66787-4_16
Banik, S., et al.: SUNDAE: small universal deterministic authenticated encryption for the internet of things. IACR Trans. Symmetric Cryptol. 2018(3), 1–35 (2018). https://doi.org/10.13154/tosc.v2018.i3.1-35, https://tosc.iacr.org/index.php/ToSC/article/view/7296
Beierle, C., Canteaut, A., Leander, G., Rotella, Y.: Proving resistance against invariant attacks: how to choose the round constants. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10402, pp. 647–678. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63715-0_22
Beierle, C., Leander, G., Moradi, A., Rasoolzadeh, S.: CRAFT: lightweight tweakable block cipher with efficient protection against DFA attacks. Cryptology ePrint Archive, Report 2019/210 (2019). https://eprint.iacr.org/2019/210
Bellizia, D., et al.: Spook: sponge-based leakage-resistant authenticated encryption with a masked tweakable block cipher. IACR Trans. Symmetric Cryptol. 2020(S1), 295–349 (2020)
Bilgin, B.: Threshold implementations: as countermeasure against higher-order differential power analysis (2015)
Bilgin, B., et al.: Low AND depth and efficient inverses: a guide on S-boxes for low-latency masking. IACR Trans. Symmetric Cryptol. 2020(1), 144–184 (2020). https://doi.org/10.13154/tosc.v2020.i1.144-184, https://tosc.iacr.org/index.php/ToSC/article/view/8562
Bogdanov, A., Knežević, M., Leander, G., Toz, D., Varıcı, K., Verbauwhede, I.: spongent: a lightweight hash function. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 312–325. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-23951-9_21
Bogdanov, A., et al.: PRESENT: an ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74735-2_31
Chakraborti, A., Datta, N., Jha, A., Mitragotri, S., Nandi, M.: From combined to hybrid: making feedback-based AE even smaller. IACR Trans. Symmetric Cryptol. 2020(S1), 417–445 (2020)
Chakraborti, A., Iwata, T., Minematsu, K., Nandi, M.: Blockcipher-based authenticated encryption: how small can we go? In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 277–298. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66787-4_14
Coron, J.-S., Nielsen, J.B. (eds.): EUROCRYPT 2017. LNCS, vol. 10212. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-56617-7
Daemen, J., Hoffert, S., Van Assche, G., Van Keer, R.: The design of Xoodoo and Xoofff. IACR Trans. Symmetric Cryptol. 2018, 1–38 (2018)
Daemen, J., Knudsen, L., Rijmen, V.: The block cipher Square. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 149–165. Springer, Heidelberg (1997). https://doi.org/10.1007/BFb0052343
De Cnudde, T., Bilgin, B., Reparaz, O., Nikov, V., Nikova, S.: Higher-order threshold implementation of the AES S-Box. In: Homma, N., Medwed, M. (eds.) CARDIS 2015. LNCS, vol. 9514, pp. 259–272. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-31271-2_16
Dobraunig, C., Eichlseder, M., Mendel, F., Schläffer, M.: Ascon v1.2: lightweight authenticated encryption and hashing. J. Cryptol. 34(3), 1–42 (2021)
Eskandari, Z., Kidmose, A.B., Kölbl, S., Tiessen, T.: Finding integral distinguishers with ease. Cryptology ePrint Archive, Report 2018/688 (2018). https://eprint.iacr.org/2018/688
Ghoshal, A., Sadhukhan, R., Patranabis, S., Datta, N., Picek, S., Mukhopadhyay, D.: Lightweight and side-channel secure 4 \(\times \) 4 S-boxes from cellular automata rules. IACR Trans. Symmetric Cryptol. 2018(3), 311–334 (2018). https://doi.org/10.13154/tosc.v2018.i3.311-334
Goodwill, G., Jun, B., Jaffe, J., Rohatgi, P.: A testing methodology for side-channel resistance validation. NIAT (2011)
Gueron, S., Lindell, Y.: SIMPLE. Submission to the NIST Lightweight Cryptography project (2019)
Guo, J., Jean, J., Nikolic, I., Qiao, K., Sasaki, Y., Sim, S.M.: Invariant subspace attack against Midori64 and the resistance criteria for S-box designs. IACR Trans. Symmetric Cryptol. 2016(1), 33–56 (2016). https://doi.org/10.13154/tosc.v2016.i1.33-56, https://tosc.iacr.org/index.php/ToSC/article/view/534
Guo, J., Peyrin, T., Poschmann, A.: The PHOTON family of lightweight hash functions. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 222–239. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22792-9_13
Gupta, N., Jati, A., Chattopadhyay, A., Sanadhya, S.K., Chang, D.: Threshold implementations of GIFT: a trade-off analysis. Cryptology ePrint Archive, Report 2017/1040 (2017). https://eprint.iacr.org/2017/1040
Gutiérrez, A., Sim, S., Peyrin, T., Sarkar, S., Sasaki, Y.: Official comment: TRIFLE. Email to the LWC forum (2019). https://csrc.nist.gov/CSRC/media/Projects/Lightweight-Cryptography/documents/round-1/official-comments/TRIFLE-official-comment.pdf
Handschuh, H.: SHA family (secure hash algorithm). In: van Tilborg, H.C.A. (eds.) Encyclopedia of Cryptography and Security. Springer, Boston (2005). https://doi.org/10.1007/0-387-23483-7_388
Cheng, H., Heys, H.M.: Compact ASIC implementation of the ICEBERG block cipher with concurrent error detection. In: 2008 IEEE International Symposium on Circuits and Systems, pp. 2921–2924 (2008)
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_25
Leander, G., Abdelraheem, M.A., AlKhzaimi, H., Zenner, E.: A cryptanalysis of PRINTcipher: the invariant subspace attack. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 206–221. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22792-9_12
Mangard, S., Pramstaller, N., Oswald, E.: Successfully attacking masked AES hardware implementations. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 157–171. Springer, Heidelberg (2005). https://doi.org/10.1007/11545262_12
Minematsu, K.: AES-OTR v3.1. Submission to CAESAR (2016). https://competitions.cr.yp.to/round3/aesotrv31.pdf
Naito, Y., Matsui, M., Sugawara, T., Suzuki, D.: SAEB: a lightweight blockcipher-based AEAD mode of operation. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2018(2), 192–217 (2018)
Naito, Y., Sugawara, T.: Lightweight authenticated encryption mode of operation for tweakable block ciphers. Cryptology ePrint Archive, Report 2019/339 (2019). https://eprint.iacr.org/2019/339
Nikova, S., Rechberger, C., Rijmen, V.: Threshold implementations against side-channel attacks and glitches. In: Ning, P., Qing, S., Li, N. (eds.) ICICS 2006. LNCS, vol. 4307, pp. 529–545. Springer, Heidelberg (2006). https://doi.org/10.1007/11935308_38
Piret, G., Quisquater, J.-J.: A differential fault attack technique against SPN structures, with application to the AES and Khazad. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 77–88. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45238-6_7
Sarkar, S., Syed, H., Sadhukhan, R., Mukhopadhyay, D.: Lightweight design choices for LED-like block ciphers. In: Patra, A., Smart, N.P. (eds.) INDOCRYPT 2017. LNCS, vol. 10698, pp. 267–281. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-71667-1_14
Satoh, A., Sugawara, T., Homma, N., Aoki, T.: High-performance concurrent error detection scheme for AES hardware. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 100–112. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85053-3_7
Schneider, T., Moradi, A., Güneysu, T.: ParTI – towards combined hardware countermeasures against side-channel and fault-injection attacks. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9815, pp. 302–332. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53008-5_11
Simon, T., et al.: Friet: an authenticated encryption scheme with built-in fault detection. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020. LNCS, vol. 12105, pp. 581–611. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-45721-1_21
Xiang, Z., Zhang, W., Bao, Z., Lin, D.: Applying MILP method to searching integral distinguishers based on division property for 6 lightweight block ciphers. Cryptology ePrint Archive, Report 2016/857 (2016). https://eprint.iacr.org/2016/857
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Sadhukhan, R., Chakraborty, A., Datta, N., Patranabis, S., Mukhopadhyay, D. (2022). Light but Tight: Lightweight Composition of Serialized S-Boxes with Diffusion Layers for Strong Ciphers. In: Batina, L., Picek, S., Mondal, M. (eds) Security, Privacy, and Applied Cryptography Engineering. SPACE 2022. Lecture Notes in Computer Science, vol 13783. Springer, Cham. https://doi.org/10.1007/978-3-031-22829-2_2
DOI: https://doi.org/10.1007/978-3-031-22829-2_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-22828-5
Online ISBN: 978-3-031-22829-2
eBook Packages: Computer Science, Computer Science (R0)