CN112636899B - Lightweight S box design method - Google Patents
Lightweight S box design method Download PDFInfo
- Publication number
- CN112636899B CN112636899B CN202010994280.8A CN202010994280A CN112636899B CN 112636899 B CN112636899 B CN 112636899B CN 202010994280 A CN202010994280 A CN 202010994280A CN 112636899 B CN112636899 B CN 112636899B
- Authority
- CN
- China
- Prior art keywords
- box
- round
- bit
- transformation
- intermediate variable
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0625—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation with splitting of the data block into left and right halves, e.g. Feistel based algorithms, DES, FEAL, IDEA or KASUMI
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Optical Communication System (AREA)
Abstract
The invention discloses a design method of a lightweight S box. The invention can generate a light-weight 8-bit S box with good password property, the single-round logic operation of the box only involves 4-bit AND operation and 4-bit XOR operation, the difference uniformity is 16 after 4 rounds of iteration, the nonlinearity is 96, and the whole box is balanced (nonlinear replacement); compared with the prior art, the light-weight 8-bit S box obtained by the invention achieves known optimal cryptology indexes such as difference uniformity, nonlinearity and the like under the condition of low hardware resources, and solves the problem that the prior light-weight 8-bit S box is poor in cryptology properties such as difference uniformity, nonlinearity and the like.
Description
Technical Field
The invention relates to the technical field of communication encryption, in particular to a lightweight S box design method.
Background
The existing symmetric cryptographic algorithm design at home and abroad still adopts the ideas of confusion and diffusion proposed in Shannon 1949, and the relations among the plaintext, the ciphertext and the key are extremely complex through confusion and diffusion parts of the symmetric cryptographic algorithm, so that an attacker cannot obtain any information of the plaintext from the ciphertext or obtain any information of the key from a plaintext-ciphertext pair.
The "confusion" component commonly employs a nonlinear replacement S-Box (stasis Box). The S-box appears for the first time in the block cipher algorithm Lucifer and is widely popular with the use of the data Encryption algorithm Standard des (data Encryption Standard) published in 1977 by the national Institute of Standard technology, nist. The S box is the only nonlinear component in most cryptographic algorithms, the cryptographic property of the S box almost determines the security strength of the whole cryptographic algorithm, and the confusion effect of the whole cryptographic algorithm is greatly influenced.
An S-box of n-bit input m-bit output (abbreviated as n × m S-box) is defined as follows:
wherein f isi(X) is1,2, …, m, F2Representing a binary domain set consisting of 0 and 1,is represented by F2Constructed n-dimensional vector space, i.e. F2={0,1},
Algebraic normality, number of terms, and algebraic degree of the boolean function: each n-ary Boolean function f can be uniquely represented asAbove with respect to n arguments x1,x2,…,xnI.e.:
the above formula is called an algebraic normalization of Boolean function f, where a0,ai,aij,…,a12…n∈F2,Is F2The above addition operation. The number of nonzero monomials in the algebraic normal form of f is called the number of terms of f, and the maximum value of the algebraic degrees of all nonzero monomials is called the algebraic degree of the Boolean function f.
Hamming Weight (Hamming Weight): the Hamming weight wt (c) of a vector c is defined as the number of non-zero elements in the vector.
S Box balance:if S is takenEach value in (1) is the same as 2n-mNext, S is called the balance function.
S-box nonlinearity:for any purposeThe number of solutions of the equation α · x ═ β · s (x), i.e. expressed by the notation M (α, β), i.e.The non-linearity of S is 2n-1-maxα,β≠0M(α,β)/2。
S box difference uniformity:for any purposeBy symbolsN (a, b) represents the equationNumber of solutions, i.e.Difference uniformity of S is maxa≠0,bN(a,b)。
CCZ Equivalence (CCZ-equivalance): two S boxesIf presentBy affine substitution of A such thatFor any purposeThis is true.
The S box is generally stored in a table form, calling is realized by looking up the table, if the parameters n and m are too large, the design of the S box and the realization of a cryptographic algorithm are difficult, and currently, most cryptographic algorithms adopt 8 multiplied by 8S boxes. The cryptographic properties of the S-box mainly include: balance, nonlinearity, difference uniformity, algebraic times and term distribution, algebraic immune order, branch number and the like, aiming at the analysis and evaluation method of difference attack and linear attack, and a cipher algorithm designer mainly considers cipher properties such as the difference uniformity, the nonlinearity and the like of an S box.
Since 2004, aiming at the security and confidentiality requirements of RFID resource-limited equipment in the Internet of things, not only the security of a cryptographic algorithm and parts but also the resource indexes such as the number of hardware realized by the algorithm need to be considered during the design of the cryptographic algorithm. The hardware realization equivalent gate of the existing lightweight cryptographic algorithm suitable for RFID resource-limited equipment is generally not more than 2500 gates, and an S box realized by using a traditional table look-up mode is difficult to meet the hardware resource lightweight requirement of the cryptographic algorithm.
At present, researches such as design of a hardware resource lightweight S box and optimization realization of the S box based on an algebraic structure are also research hotspots and research focuses of scientific researchers in the field of domestic and foreign passwords, and some progress is made in some aspects, such as: the complete division of 16 equivalence classes is completed for 4 × 4S boxes with optimal cryptography properties, and such S boxes are widely applied to the design of light-weight block cipher algorithms such as PRINCE, MIDORI, SKINNY, and the like; the NBC, SPRING and other packet cryptographic algorithms provide 16 × 16, 32 × 32S-box lightweight design ideas, but the S-box based on the design ideas needs 20 or 32 iterations, the implementation mode has large time delay, and the 32 × 32S-box cannot completely describe the cryptographic properties such as difference uniformity, nonlinearity and the like at present; in the SKINNY-128 block cipher algorithm, a designer provides a design idea of designing 1 new 8 × 8S-boxes based on juxtaposition of 24 × 4S-boxes, but the 8 × 8S-boxes based on the design idea have weak cipher properties such as difference uniformity and nonlinearity, and only reach the optimal cipher property of 4 × 4S-boxes, and cannot reach the average value of the difference uniformity and nonlinearity of 8 × 8S-boxes generated in a random manner.
Disclosure of Invention
In order to overcome the defects in the prior art, the invention provides a design method of a light-weight S-box, which can generate a light-weight 8-bit S-box with good password property and solve the problem that the password property of the light-weight 8 x 8S-box, such as difference uniformity, nonlinearity and the like, is weak.
In order to achieve the purpose of the invention, the invention adopts the technical scheme that: a design method of a lightweight S-box comprises the following steps:
S2, n-bit input data (x) to S-box0,x1,x2,…,xn-2,xn-1) Traversal of {0,1, …,2 in turnn-1 all integer values corresponding to n-bit binary vector { (0,0,0, …,0,0), (0,0,0, …,0,1), …, (1,1,1, …,1)1), n-bit binary vector (x) corresponding to any integer value i0,x1,x2,…,xn-2,xn-1) According to a Boolean function f1And f2Carrying out 3 rounds of n-branch generalized Feistel structure round transformation and 1 round of nonlinear transformation to obtain n-bit intermediate variables, and carrying out bit combination on the n-bit intermediate variables to obtain the value Sbox (i) of the S box Sbox with the specification of n multiplied by n in the integer i, wherein i belongs to {0,1, …,2 ∈ [ ] [ ({ 0 [, ] 1, … [ ], 2 [ ])n-1};
S3, outputting an S box Sbox with n multiplied by n specification.
Further: boolean function f in the step S11And f2The number of iterations of (1) is not less than 2, and the algebraic normal form does not contain a 1-degree term and a constant term.
Further: boolean function f in the step S11And f2All comprise 2UA non-zero boolean function, where U is an intermediate parameter.
Further: the calculation formula of the intermediate parameter U is as follows:
U=2n-2-n+1。
further: the specific steps in step S2 are:
s21, inputting n-bit binary vector (x)0,x1,x2,…,xn-2,xn-1) Calculating the 1 st round of n round generalized Feistel structure round transformations, i.e. t01=x2,t11=x3,t21=x4,…,t(n-4)1=xn-2,t(n-3)1=xn-1,(t01,t11,t21,…,t(n-2)1,t(n-1)1) N bits of intermediate variable after the first round of transformation;
s22, for n-bit intermediate variable (t)01,t11,t21,…,t(n-2)1,t(n-1)1) Calculate round 2Wheel transformations of n generalized Feistel structures, i.e.t02=t21,t12=t31,t22=t41,…,t(n-4)2=t(n-2)1,t(n-3)2=t(n-1)1,t(n-2)2=T01,t(n-1)2=T11,(t02,t12,t22,…,t(n-2)2,t(n-1)2) The n-bit intermediate variable after the second round of transformation is obtained;
s23, for n-bit intermediate variable (t)02,t12,t22,…,t(n-2)2,t(n-1)2) Computing the round transformation of the 3 rd round n generalized Feistel structure, i.e.t03=t22,t13=t32,t23=t42,…,t(n-4)3=t(n-2)2,t(n-3)3=t(n-1)2,t(n-2)3=T02,t(n-1)3=T12,(t03,t13,t23,…,t(n-2)3,t(n-1)3) N bits of intermediate variable after the third round of transformation;
s24, for n-bit intermediate variable (t)03,t13,t23,…,t(n-2)3,t(n-1)3) Computing the 4 th round nonlinear transformation, i.e.(T03,T13,t23,…,t(n-2)3,t(n-1)3) N bits of intermediate variable after the fourth round of conversion;
s25, and applying n-bit intermediate variable (T)03,T13,t23,…,t(n-2)3,t(n-1)3) Bit combination is carried out to obtain the value of the S box Sbox with the specification of nxn at an integer i, namely y0=T03,y1=T13,y2=t23,y3=t33,…,yn-2=t(n-2)3,yn-1=t(n-1)3,Sbox(i)=y0||y1||y2||y3||…||yn-1,(y0,y1,y2,…,yn-2,yn-1) Data is output for S-box n bits.
Further: the n × n box S in step S3 has a size of 22UWherein U is an intermediate parameter.
The invention has the beneficial effects that: the invention designs a light weight S box generation method, which can generate a light weight 8-bit S box with good password property, wherein single round of logic operation only involves 4-bit AND operation and 4-bit XOR operation, after 4 rounds of iteration, the difference uniformity is 16, the nonlinearity is 96, and the whole is balanced (nonlinear replacement); compared with the prior art, the method achieves known optimal cryptology indexes such as difference uniformity, nonlinearity and the like while realizing low hardware resources, and solves the problem that the prior light-weight 8 x 8S-box has weak cryptology properties such as difference uniformity, nonlinearity and the like.
The method achieves the optimal difference uniformity and nonlinearity of the known light-weight S box under the condition of low hardware equivalent gate number resources, is simultaneously suitable for the operation modes of BitSlice and the like, has good compatibility and easy portability on different implementation platforms of 8 bits, 16 bits, 32 bits, 64 bits and the like, can be widely applied to the design of a symmetric cryptographic algorithm, and is particularly suitable for designing a light-weight cryptographic algorithm with high safety strength.
Drawings
FIG. 1 is a flow chart of the present invention.
Detailed Description
The following description of the embodiments of the present invention is provided to facilitate the understanding of the present invention by those skilled in the art, but it should be understood that the present invention is not limited to the scope of the embodiments, and it will be apparent to those skilled in the art that various changes may be made without departing from the spirit and scope of the invention as defined and defined in the appended claims, and all matters produced by the invention using the inventive concept are protected.
As shown in fig. 1, a method for designing a lightweight S-box includes the steps of:
S2, n-bit input data (x) to S-box0,x1,x2,…,xn-2,xn-1) Traversal of {0,1, …,2 in turnn-1} an n-bit binary vector { (0,0,0, …,0,0), (0,0,0, …,0,1), …, (1,1,1, …,1,1) } for all integer values, i, an n-bit binary vector (x) for any integer value, i0,x1,x2,…,xn-2,xn-1) According to a Boolean function f1And f2Carrying out 3 rounds of n-branch generalized Feistel structure round transformation and 1 round of nonlinear transformation to obtain n-bit intermediate variables, and carrying out bit combination on the n-bit intermediate variables to obtain the value Sbox (i) of the S box Sbox with the specification of n multiplied by n in the integer i, wherein i belongs to {0,1, …,2 ∈ [ ] [ ({ 0 [, ] 1, … [ ], 2 [ ])n-1};
S3, outputting an S box Sbox with n multiplied by n specification.
Wherein f involved in steps S1 to S31、f2Is composed ofBoolean functions of (2), logical operation symbols "&"denotes a bit AND operation, a logical operation symbolRepresenting a bit XOR operation, f1、f2The algebraic degree of (2) or more and the algebraic normative form thereof does not include a 1-degree term and a constant term. f. of1Contains 2U kinds of non-zero Boolean functions (U is 2)n-2-n+1),f2Contains 2U kinds of non-zero Boolean functions (U is 2)n-2-n+1),f1And f2The S boxes of n × n size generated in accordance with steps S1 to S3 have a total of 22UAnd (4) seed preparation.
Taking n as 8, the steps S1 to S3 in the embodiment of the present invention obtain an 8-bit S-box parameterized example commonly used in an actual algorithm, so as to obtain a new light-weight 8 × 8S-box design method.
Considering the resource lightweight requirement of hardware realization equivalent gate of the lightweight cryptographic algorithm suitable for RFID resource-constrained equipment, f is further limited1And f2The algebraic degree of the method is 2, the algebraic normal type term number is less than 3, and the light-weight 8-bit S box with good cryptographic property can be obtained by the method provided by the embodiment of the invention. In particular, f1And f2Has the following form:
the single round of logical operation only involves 4 AND operations (single bit) and 4 XOR operations (single bit), and the difference uniformity of the new 8-bit S box obtained after 4 rounds of iteration is 16, and the nonlinearity is 96.
Claims (5)
1. A method for designing a lightweight S-box is characterized by comprising the following steps:
s1, randomly selecting F according to the selected S box specification n2 n-2→F2Of the boolean function f1And f2;
S2, n-bit input data (x) to S-box0,x1,x2,…,xn-2,xn-1) Traversal of {0,1, …,2 in turnn-1} an n-bit binary vector { (0,0,0, …,0,0), (0,0,0, …,0,1), …, (1,1,1, …,1,1) } for all integer values, i, an n-bit binary vector (x) for any integer value, i0,x1,x2,…,xn-2,xn-1) According to a Boolean function f1And f2Carrying out 3 rounds of n generalized Feistel structure round transformation and 1 round of nonlinear transformation to obtain n-bit intermediate variablesAnd combining the n-bit intermediate variables to obtain the value Sbox (i) of the S-box Sbox with the n multiplied by n specification in the integer i, wherein i belongs to {0,1, …,2n-1};
The specific steps of step S2 are:
s21, inputting n-bit binary vector (x)0,x1,x2,…,xn-2,xn-1) Calculating the 1 st round of n round generalized Feistel structure round transformations, i.e. t01=x2,t11=x3,t21=x4,…,t(n-4)1=xn-2,t(n-3)1=xn-1,(t01,t11,t21,…,t(n-2)1,t(n-1)1) N bits of intermediate variable after the first round of transformation;
s22, for n-bit intermediate variable (t)01,t11,t21,…,t(n-2)1,t(n-1)1) Computing the 2 nd round n generalized Feistel structure round transformations, i.e.t02=t21,t12=t31,t22=t41,…,t(n-4)2=t(n-2)1,t(n-3)2=t(n-1)1,t(n-2)2=T01,t(n-1)2=T11,(t02,t12,t22,…,t(n-2)2,t(n-1)2) The n-bit intermediate variable after the second round of transformation is obtained;
s23, for n-bit intermediate variable (t)02,t12,t22,…,t(n-2)2,t(n-1)2) Computing the round transformation of the 3 rd round n generalized Feistel structure, i.e.t03=t22,t13=t32,t23=t42,…,t(n-4)3=t(n-2)2,t(n-3)3=t(n-1)2,t(n-2)3=T02,t(n-1)3=T12,(t03,t13,t23,…,t(n-2)3,t(n-1)3) N bits of intermediate variable after the third round of transformation;
s24, for n-bit intermediate variable (t)03,t13,t23,…,t(n-2)3,t(n-1)3) Computing the 4 th round nonlinear transformation, i.e.(T03,T13,t23,…,t(n-2)3,t(n-1)3) N bits of intermediate variable after the fourth round of conversion;
s25, and applying n-bit intermediate variable (T)03,T13,t23,…,t(n-2)3,t(n-1)3) Bit combination is carried out to obtain the value of the S box Sbox with the specification of nxn at an integer i, namely y0=T03,y1=T13,y2=t23,y3=t33,…,yn-2=t(n-2)3,yn-1=t(n-1)3,Sbox(i)=y0||y1||y2||y3||…||yn-1,(y0,y1,y2,…,yn-2,yn-1) Outputting data for n bits of the S-box;
s3, outputting an S box Sbox with n multiplied by n specification.
2. The method of designing a light-weight S-box according to claim 1, wherein the boolean function f in step S11And f2The algebraic degree of (2) is not less than 2, and the algebraic normal form does not contain 1-degree term and constant term.
3. According toThe method of designing a light-weight S-box according to claim 1, wherein the Boolean function f is set in step S11And f2All comprise 2UA non-zero boolean function, where U is an intermediate parameter.
4. The method for designing a light-weight S-box according to claim 3, wherein the intermediate parameter U is calculated by the formula:
U=2n-2-n+1。
5. the method of designing a lightweight S-box according to claim 1, wherein in step S3, the n × n S-box has a size of 22UWherein U is an intermediate parameter.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010994280.8A CN112636899B (en) | 2020-09-21 | 2020-09-21 | Lightweight S box design method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010994280.8A CN112636899B (en) | 2020-09-21 | 2020-09-21 | Lightweight S box design method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112636899A CN112636899A (en) | 2021-04-09 |
CN112636899B true CN112636899B (en) | 2022-03-18 |
Family
ID=75300168
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010994280.8A Active CN112636899B (en) | 2020-09-21 | 2020-09-21 | Lightweight S box design method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112636899B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113343175B (en) * | 2021-05-31 | 2022-05-27 | 中国电子科技集团公司第三十研究所 | Rapid method for automatically searching SPN type lightweight block cipher active S box |
CN113783684B (en) * | 2021-09-15 | 2023-07-18 | 桂林电子科技大学 | Construction method of 16-bit S box based on NFSR and Feistel structures |
CN114124351B (en) * | 2021-11-15 | 2023-06-27 | 中国电子科技集团公司第三十研究所 | Rapid calculation method of nonlinear invariant |
CN115037485B (en) * | 2022-08-12 | 2022-11-08 | 北京智芯微电子科技有限公司 | Method, device and equipment for realizing lightweight authentication encryption algorithm |
Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO1999008411A2 (en) * | 1997-08-08 | 1999-02-18 | Jonathan Stiebel | New operation for key insertion with folding |
CN1558587A (en) * | 2004-01-20 | 2004-12-29 | 海信集团有限公司 | Method for designing reconfigurable S cassette module of reconfigurable cipher code coprocessor |
EP2058781A1 (en) * | 2006-09-01 | 2009-05-13 | Sony Corporation | Encryption device, encryption method, and computer program |
CN101764686A (en) * | 2010-01-11 | 2010-06-30 | 石家庄开发区冀科双实科技有限公司 | Encryption method for network and information security |
CN101848081A (en) * | 2010-06-11 | 2010-09-29 | 中国科学院软件研究所 | S box and construction method thereof |
CN101938352A (en) * | 2010-09-23 | 2011-01-05 | 北京航空航天大学 | Block cipher software encrypting method |
CN105681026A (en) * | 2016-03-10 | 2016-06-15 | 中国科学院计算技术研究所 | Dynamic S-box construction method and system suitable for lightweight encryption algorithm |
CN109921899A (en) * | 2019-04-18 | 2019-06-21 | 衡阳师范学院 | A kind of S box implementation method of complete snowslide 4 × 4 |
CN110266470A (en) * | 2019-06-24 | 2019-09-20 | 清华大学 | The make of novel block cipher round function |
CN110572255A (en) * | 2019-09-26 | 2019-12-13 | 衡阳师范学院 | Lightweight block cipher algorithm Shadow implementation method, device and computer readable medium |
CN111339577A (en) * | 2020-02-12 | 2020-06-26 | 南京师范大学 | Construction method of S box with excellent DPA resistance |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4622807B2 (en) * | 2005-03-25 | 2011-02-02 | ソニー株式会社 | Cryptographic processing apparatus, cryptographic processing method, and computer program |
-
2020
- 2020-09-21 CN CN202010994280.8A patent/CN112636899B/en active Active
Patent Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO1999008411A2 (en) * | 1997-08-08 | 1999-02-18 | Jonathan Stiebel | New operation for key insertion with folding |
CN1558587A (en) * | 2004-01-20 | 2004-12-29 | 海信集团有限公司 | Method for designing reconfigurable S cassette module of reconfigurable cipher code coprocessor |
EP2058781A1 (en) * | 2006-09-01 | 2009-05-13 | Sony Corporation | Encryption device, encryption method, and computer program |
CN101764686A (en) * | 2010-01-11 | 2010-06-30 | 石家庄开发区冀科双实科技有限公司 | Encryption method for network and information security |
CN101848081A (en) * | 2010-06-11 | 2010-09-29 | 中国科学院软件研究所 | S box and construction method thereof |
CN101938352A (en) * | 2010-09-23 | 2011-01-05 | 北京航空航天大学 | Block cipher software encrypting method |
CN105681026A (en) * | 2016-03-10 | 2016-06-15 | 中国科学院计算技术研究所 | Dynamic S-box construction method and system suitable for lightweight encryption algorithm |
CN109921899A (en) * | 2019-04-18 | 2019-06-21 | 衡阳师范学院 | A kind of S box implementation method of complete snowslide 4 × 4 |
CN110266470A (en) * | 2019-06-24 | 2019-09-20 | 清华大学 | The make of novel block cipher round function |
CN110572255A (en) * | 2019-09-26 | 2019-12-13 | 衡阳师范学院 | Lightweight block cipher algorithm Shadow implementation method, device and computer readable medium |
CN111339577A (en) * | 2020-02-12 | 2020-06-26 | 南京师范大学 | Construction method of S box with excellent DPA resistance |
Non-Patent Citations (3)
Title |
---|
Design and analysis of dynamic S-box based on Feistel;Zhou-quan Du 等;《 2015 IEEE Advanced Information Technology, Electronic and Automation Control Conference (IAEAC)》;20160310;全文 * |
Piccolo算法的差分故障分析;赵光耀 等;《计算机学报》;20121119;第35卷(第9期);全文 * |
轻量S盒密码性质研究;贾平 等;《密码学报》;20151215;全文 * |
Also Published As
Publication number | Publication date |
---|---|
CN112636899A (en) | 2021-04-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112636899B (en) | Lightweight S box design method | |
Noura et al. | A new efficient lightweight and secure image cipher scheme | |
CN107147487B (en) | Symmetric key random block cipher | |
CN109921899B (en) | A kind of S box implementation method of complete snowslide 4 × 4 | |
Liu et al. | An AES S-box to increase complexity and cryptographic analysis | |
Yan et al. | DBST: a lightweight block cipher based on dynamic S-box | |
Noura et al. | Overview of efficient symmetric cryptography: dynamic vs static approaches | |
Lu | Cryptanalysis of block ciphers | |
Aboshosha et al. | Energy efficient encryption algorithm for low resources devices | |
CN109981247B (en) | Dynamic S box generation method based on integer chaotic mapping | |
CN111614457A (en) | P replacement improvement-based lightweight packet encryption and decryption method, device and storage medium | |
CN116980194A (en) | Safe and efficient data transmission method and system based on cloud edge end cooperation | |
CN112511293B (en) | S-box parameterization design method based on bit sum operation and storage medium | |
Kumar et al. | A novel approach for enciphering data of smaller bytes | |
Srisakthi et al. | Towards the design of a stronger AES: AES with key dependent shift rows (KDSR) | |
CN115811398A (en) | Dynamic S-box-based block cipher algorithm, device, system and storage medium | |
CN107437990A (en) | Encryption method, decryption method, encryption device and decryption device | |
CN112507357B (en) | Multi-stage interface design method based on key generator | |
CN113783684A (en) | 16-bit S box construction method based on NFSR and Feistel structures | |
CN112311527A (en) | Encryption method for converting master key into polynomial table lattice key lookup | |
Zhang et al. | Research on improvement of des encryption algorithm | |
Xie et al. | Related-key Impossible Boomerang Cryptanalysis on LBlock-s | |
CN111614456A (en) | Multi-party cooperative encryption/decryption method and medium for SM4 algorithm | |
Wei et al. | Related-key impossible differential cryptanalysis on crypton and crypton v1. 0 | |
CN114337993B (en) | White box SM4 encryption and decryption method and system applied to edge Internet of things proxy |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |