Investigation for 8-bit SKINNY-like S-boxes, analysis and applications

Cryptography and Communications

Abstract

Nowadays, ciphers are widely used on high-end platforms, in resource-constrained environments, and in environments vulnerable to side-channel attacks. This motivates various S-boxes aimed at providing a good trade-off between security and efficiency. For small S-boxes, the most natural construction approach is a comprehensive search over the space of permutations, which inevitably becomes more challenging as the size grows. For large S-boxes (e.g., 8-bit), previous works concentrated on constructions from finite fields or from smaller S-boxes (e.g., 4-bit). This paper proposes a new algorithm with a layered structure to search for 8-bit SKINNY-like S-boxes. We compare our new S-box with the original 8-bit SKINNY S-box by analyzing its security properties. In addition, owing to the rules and constraints of our search algorithm, SKINNY-like S-boxes have further features: lightweight implementation, low multiplicative complexity, low AND depth, and an effective inverse. In the end, the search algorithm outputs 224000 8-bit SKINNY-like S-boxes. Cipher designers can use these new S-boxes to construct lightweight block ciphers with the easy-to-mask property and efficient implementation performance.

Notes

  1. For instance, there exist \(256! \approx 2^{1684}\) possible permutations in \(\mathbb {F}_{2}^{8} \rightarrow \mathbb {F}_{2}^{8}\).

  2. \({x_{i}^{j}}\) is the j-th state bit in the i-th layer, where j ∈{0, 1,…,n − 1} and i ∈{0, 1,…, − 1}.

  3. In the rest of this paper, unless otherwise stated, the SKINNY-like S-box refers to an 8-bit S-box.

  4. f0 is derived from the special invertible instructions (ab) ⊕ cc [21].

  5. ∈{1, 2, 3}. The 0-th layer denotes the Input layer.

  6. In the rest of this paper, unless otherwise stated, SKINNY refers to its 128-bit block version.

  7. Starting from the AVX implementation of the SKINNY cipher given at https://github.com/kste/skinny_avx/tree/master/skinny128/avx2, we modified the part of the program that implements the S-box to obtain parallel bit-sliced implementations.

References

  1. Alfarano, G.N., Beierle, C., Isobe, T., Kölbl, S., Leander, G.: Shiftrows alternatives for AES-like ciphers and optimal cell permutations for Midori and Skinny. IACR Trans. Symmetric Cryptol. 2018(2), 20–47 (2018)

  2. Andreeva, E., Bilgin, B., Bogdanov, A., Luykx, A., Mennink, B., Mouha, M., Yasuda, K.: APE: Authenticated Permutation-Based Encryption for Lightweight Cryptography. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp 168–186 (2014)

  3. Andreeva, E., Lallemand, V., Purnal, A., Reyhanitabar, R., Roy, A., Vizär, D.: ForkAE (v1.0). https://csrc.nist.gov/CSRC/media/Projects/Lightweight-Cryptography/documents/round-1/spec-doc/forkae-spec.pdf (2019)

  4. Banik, S., Bogdanov, A., Isobe, T., Shibutani, K., Hiwatari, H., Akishita, T., Regazzoni, F.: Midori: A block cipher for low energy. In: Iwata T., Cheon J.H. (eds.) ASIACRYPT (2) 2015. LNCS, vol. 9453, pp 411–436 (2015)

  5. Bao, Z., Guo, J., Ling, S., Sasaki, Y.: PEIGEN - A platform for evaluation, implementation, and generation of S-boxes. IACR Trans. Symmetric Cryptol. 2019(1), 330–394 (2019)

  6. Beierle, C., Jean, J., Kölbl, S., Leander, G., Moradi, A., Peyrin, T., Sasaki, Y., Sasdrich, P., Sim, S.M.: The SKINNY Family of Block Ciphers and Its Low-Latency Variant MANTIS. In: Robshaw, M., Katz, J. (eds.) CRYPTO (2) 2016. LNCS, vol. 9815, pp 123–153 (2016)

  7. Beierle, C., Jean, J., Kölbl, S., Leander, G., Moradi, A., Peyrin, T., Sasaki, Y., Sasdrich, P., Sim, S.M.: Skinny-aead and skinny-hash (v1.0). https://csrc.nist.gov/CSRC/media/Projects/Lightweight-Cryptography/documents/round-1/spec-doc/SKINNY-spec.pdf (2019)

  8. Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. J. Cryptology. 4(1), 3–72 (1991)

  9. Bilgin, B., Meyer, L.D., Duval, S., Levi, I., Standaert, F.-X.: Low AND depth and efficient inverses: A guide on S-boxes for low-latency masking. IACR Trans. Symmetric Cryptol. 2020(1), 144–184 (2020)

  10. Boss, E., Grosso, V., Güneysu, T., Leander, G., Moradi, A., Schneider, T.: Strong 8-bit sboxes with efficient masking in hardware extended version. J. Cryptogr. Eng. 7(2), 149–165 (2017)

  11. Boyar, J., Matthews, P., Peralta, R.: Logic minimization techniques with applications to cryptology. J. Cryptology. 26(2), 280–312 (2013)

  12. Canteaut, A., Duval, S., Leurent, G.: Construction of Lightweight S-boxes Using Feistel and MISTY Structures. In: Dunkelman, O., Keliher, L. (eds.) SAC 2015. LNCS, vol. 9566, pp 373–393 (2015)

  13. Carlet, C.: Vectorial Boolean Functions for Cryptography. In: Crama, Y., Hammer, P. (eds.) Chapter of the monograph Boolean Models and Methods in Mathematics, Computer Science, and Engineering, pp 398–469. Cambridge University Press, Cambridge (2010)

  14. Carlet, C.: Boolean Functions for Cryptography and Coding Theory. Cambridge University Press, Cambridge (2020)

  15. Clavier, C., Reynaud, L.: Systematic and random searches for compact 4-bit and 8-bit cryptographic S-boxes. Cryptology ePrint Archive. Report 2019/1379. https://eprint.iacr.org/eprint-bin/cite.pl?entry=2019/1379 (2019)

  16. FIPS: Advanced Encryption Standard (AES). National Institute of Standards and Technology (2001)

  17. Groß, H., Lusupov, R., Bloem, R.: Generic Low-Latency Masking in Hardware. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2018(2), 1–21 (2018)

  18. Guo, J., Jean, J., Nikolic, I., Qiao, K., Sasaki, Y., Sim, S.M.: Invariant subspace attack against Midori64 and the resistance criteria for S-box designs. IACR Trans. Symmetric Cryptol. 2016(1), 33–56 (2016)

  19. Iwata, T., Khairallah, M., Minematsu, K., Peyrin, T.: Romulus (v1.0). https://csrc.nist.gov/CSRC/media/Projects/Lightweight-Cryptography/documents/round-1/spec-doc/Romulus-spec.pdf (2019)

  20. Iwata, T., Khairallah, M., Minematsu, K., Peyrin, T.: Remus (v1.0). https://csrc.nist.gov/CSRC/media/Projects/Lightweight-Cryptography/documents/round-1/spec-doc/Remus-spec.pdf (2019)

  21. Jean, J., Peyrin, T., Sim, S.M., Tourteaux, J.: Optimizing implementations of lightweight building blocks. IACR Trans. Symmetric Cryptol. 2017(4), 130–168 (2017)

  22. Leander, G., Poschmann, A.: On the Classification of 4 Bit S-boxes. In: Carlet, C., Sunar, B. (eds.) WAIFI2007. LNCS, vol. 4547, pp 159–176 (2007)

  23. Liskov, M.D., Rivest, R.L., Wagner, D.A.: Tweakable block ciphers. J. Cryptology. 24(3), 588–613 (2011)

  24. Liu, G., Ghosh, M., Song, L.: Security analysis of SKINNY under related-tweakey settings (Long Paper). IACR Trans. Symmetric Cryptol. 2017(3), 37–72 (2017)

  25. Matsui, M.: Linear Cryptanalysis Method for DES Cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp 386–397 (1993)

  26. McKay, K., Bassham, L., Turan, M.S., Mouha, N.: Report on lightweight cryptography. https://nvlpubs.nist.gov/nistpubs/ir/2017/NIST.IR.8114.pdf (2017)

  27. Nyberg, K.: Differentially Uniform Mappings for Cryptography. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp 55–64 (1993)

  28. Shannon, C.E.: Communication theory of secrecy systems. Bell Syst. Technical J. 28, 656–715 (1949)

  29. Stoffelen, K.: Optimizing S-box Implementations for Several Criteria Using SAT Solvers. In: Peyrin, T. (ed.) FSE 2016. LNCS, vol. 9783, pp 140–160 (2016)

  30. Tiessen, T., Knudsen, L.R., Kölbl, S., Lauridsen, M.M.: Security of the AES with a Secret S-box. In: Leander, G. (ed.) FSE 2015. LNCS, vol. 9054, pp 175–189 (2015)

  31. Zhang, W., Cao, M., Guo, J., Pasalic, E.: Improved security evaluation of SPN block ciphers and its applications in the single-key attack on SKINNY. IACR Trans. Symmetric Cryptol. 2019(4), 171–191 (2019)

  32. Zhao, B., Dong, X., Meier, W., Jia, K., Wang, G.: Generalized related-key rectangle attacks on block ciphers with linear key schedule: applications to SKINNY and GIFT. Des. Codes Cryptogr. 88(6), 1103–1126 (2020)

Acknowledgements

This work has been supported by the National Natural Science Foundation of China (Grant No. 62032014), the National Key Research and Development Program of China (Grant No. 2018YFA0704702), the Major Basic Research Project of Natural Science Foundation of Shandong Province, China (Grant No. ZR202010220025), the National Natural Science Foundation of China (Grant No. 61902100), and the Program of Qilu Young Scholars of Shandong University (Grant No. 61580082063088).

Author information

Corresponding author

Correspondence to Meiqin Wang.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Appendix A: Hardware implementation of some SKINNY-like S-Boxes

In Table 5, (X7,X6,X5,X4,X3,X2,X1,X0) and (Y7,Y6,Y5,Y4,Y3,Y2,Y1,Y0) are defined as inputs and outputs of the S-boxes, and X7 and Y7 are the most significant bits (MSB).

Table 5 Hardware implementation of the 7 new S-boxes mentioned in Tables 2 and 3

About this article

Cite this article

Fan, Y., Mesnager, S., Wang, W. et al. Investigation for 8-bit SKINNY-like S-boxes, analysis and applications. Cryptogr. Commun. 13, 617–636 (2021). https://doi.org/10.1007/s12095-021-00486-y

  • DOI: https://doi.org/10.1007/s12095-021-00486-y
