On the Design of Bit Permutation Based Ciphers - The Interplay Among S-box, Bit Permutation and Key-addition [article]

Sumanta Sarkar, Yu Sasaki, Siang Meng Sim
2020 IACR Cryptology ePrint Archive  
Bit permutation based block ciphers, like PRESENT and GIFT, are well-known for their extreme lightweightness in hardware implementation. However, designing such ciphers comes with one major challengeto ensure strong cryptographic properties simply depending on the combination of three components, namely S-box, a bit permutation and a key addition function. Having a wrong combination of components could lead to weaknesses. In this article, we studied the interaction between these components,
more » ... oved the theoretical security bound of GIFT and highlighted the potential pitfalls associated with a bit permutation based primitive design. We also conducted analysis on TRIFLE, a first-round candidate for the NIST lightweight cryptography competition, where our findings influenced the elimination of TRIFLE from second-round of the NIST competition. In particular, we showed that internal state bits of TRIFLE can be partially decrypted for a few rounds even without any knowledge of the key.
dblp:journals/iacr/SarkarSS20 fatcat:gf6ybgsp7vh5rkrfh6o3xwffi4