低延迟S盒的构造及双向低延迟性质研究  

作　　者：吴瑞宸 张蕾[1,3] WU Rui-chen;ZHANG Lei(Institute of Software Chinese Academy of Sciences,Beijing 100190,China;University of Chinese Academy of Sciences,Beijing 100049,China;State Key Laboratory of Cryptology,Beijing 100878,China)

机构地区：[1]中国科学院软件研究所,北京100190 [2]中国科学院大学,北京100049 [3]密码科学技术全国重点实验室,北京100878

出　　处：《电子学报》2024年第11期3769-3779,共11页Acta Electronica Sinica

基　　金：中国科学院稳定支持基础研究领域青年团队计划(No.YSBR-035)。

摘　　要：低延迟分组密码的设计是目前密码学研究中的热点之一,其中低延迟S盒的构造是设计中的重要研究方向.本文基于低延迟门电路和两层树型结构,搜索不同延迟水平下具有一定密码学性质的低延迟平衡布尔函数及其拓展比特置换等价类;基于将低延迟布尔函数作为分量布尔函数构造向量布尔函数的方法,本文构造得到了不同延迟水平下的低延迟S盒,并给出延迟性质和硬件实现面积具有优势的S盒实例;此外,本文对低延迟的S盒集合与逆S盒集合匹配搜索具有双向低延迟性质的S盒,给出搜索得到的实例.与PRINCE、MANTIS等其他低延迟分组密码中使用的4 bit S盒相比,本文构造的低延迟S盒在延迟水平上相较MANTIS降低了20%,与PRINCE相比降低了33%,在硬件实现面积上相较MANTIS减少了6.68%,与PRINCE相比减少了17.69%.The quest for low-latency block ciphers is a burgeoning area of interest within the cryptographic community,with the development of low-latency S-boxes standing as a pivotal avenue of exploration.Leveraging gate circuits of minimal latency and a novel two-layer tree structure,our study delves into the construction of balanced Boolean functions and their ex⁃tended bit permutation equivalence classes that manifest desirable cryptographic properties across varied latency thresholds.Utilizing these low-latency Boolean functions as coordinate functions,we craft vectorial Boolean functions to construct Sboxes with low-latency.Our research not only furnishes S-boxes optimized for latency performance and hardware implementa⁃tion area but also pioneers the amalgamation of low-latency S-box sets with their corresponding inverse sets,searching for Sboxes with bidirectional low-latency property.The low-latency S-box in our investigation outperform existing benchmarks and offer more choices,showcasing a latency reduction of 20%and 33%over MANTIS and PRINCE,alongside achieving a hardware area reduction of 6.68%compared to MANTIS and a substantial improvement of 17.69%against PRINCE.

关 键 词：低延迟分组密码 低延迟S盒 门电路 向量布尔函数 双向低延迟性质 

分 类 号：TP302[自动化与计算机技术—计算机系统结构]