MK-3算法S盒硬件优化实现  

作　　者：李艳俊 张伟国[2] 葛耀东 LI Yanjun;ZHANG Weiguo;GE Yaodong(The 15th Research Institute of China Electronics Technology Group Corporation,Information Industry Information Security Evaluation Center,Beijing100083,China;Beijing Institute of Electronic Science and technology,Beijing 100070,China)

机构地区：[1]中国电子科技集团公司第十五研究所信息产业信息安全测评中心,北京100083 [2]北京电子科技学院,北京100070

出　　处：《微电子学与计算机》2022年第10期17-25,共9页Microelectronics & Computer

基　　金：广西密码学与信息安全重点实验室开放课题(GCIS201912)。

摘　　要：认证加密算法是一种对称密钥加密方案.在加密过程中提供机密和数据完整性.MK-3算法是一种基于简化双工海绵结构的认证加密算法,它支持私人定制.并且MK-3算法是第一个使用16比特S盒的算法.该算法使用的S盒采用有限域上的乘法逆元结合仿射变换来构造.这种设计在保证代数安全性的同时,还可以通过有限域上的同构映射变换来降低硬件实现资源.目前MK-3算法S盒硬件的实现方案仍有较大的改进空间.本文的方案利用多项式基构造有限域将GF(2^(16))上的求逆运算转换到复合域GF((28)2)中,方案搜索并评估了两个域转换的线性布尔函数,其中包含16个仿射等价的同构矩阵.在此基础上还给出了复合域GF((28)2)中基于不可约多项式的乘法运算、求逆运算和平方乘运算的实现结果.此方案采用3种最基础的逻辑门:与门、异或门、非门.并适应所有门电路工艺.相对于目前最优的MK-3算法S盒硬件实现,本文的方案至少减少58.3%的电路面积.从FPGA仿真角度讲,本文的方案至少减少47.5%的查表资源.Authentication encryption algorithm is a symmetric key encryption scheme.Provide confidentiality and data integrity during encryption.Mk-3 algorithm is an authentication encryption algorithm based on simplified duplex sponge structure,which supports private customization.And mk-3 algorithm is the first algorithm using 16 bit S-box.The S-box used in the algorithm is constructed by multiplicative inverse element on finite field and affine transformation.While ensuring algebraic security,this design can also reduce hardware implementation resources through isomorphic mapping transformation over finite fields.At present,the implementation scheme of mk-3 algorithm S-box hardware still has great room for improvement.In this scheme,the polynomial basis is used to construct a finite field GF(2^(16)),and the inverse operation on is transformed into a composite field GF((28)2).The scheme searches and evaluates the linear Boolean functions transformed by two fields,including 16 affine equivalent isomorphic matrices.On this basis,the implementation results of multiplication,inversion and square multiplication based on irreducible polynomials in composite field GF((28)2)are also given.This scheme adopts three basic logic gates:AND gate,XOR gate and NOT gate.And adapt to all gate circuit processes.Compared with the current optimal S-box hardware implementation of mk-3 algorithm,the scheme in this paper reduces the circuit area by at least 58.3%.From the perspective of FPGA simulation,the scheme in this paper reduces the table lookup resources by at least 47.5%.

关 键 词：认证加密 MK-3算法 多项式基 16比特S盒 有限域 

分 类 号：TN918[电子电信—通信与信息系统]