Cryptology ePrint Archive: Report 2014/084

RECTANGLE: A Bit-slice Lightweight Block Cipher Suitable for Multiple Platforms

Wentao Zhang and Zhenzhen Bao and Dongdai Lin and Vincent Rijmen and Bohan Yang and Ingrid Verbauwhede

Abstract: In this paper, we propose a new lightweight block cipher named RECTANGLE. The main idea of the design of RECTANGLE is to allow lightweight and fast implementations using bit-slice techniques. RECTANGLE uses an SP-network. The substitution layer consists of 16 4  4 S-boxes in parallel. The permutation layer is composed of 3 rotations. As shown in this paper, RECTANGLE offers great performance in both hardware and software environment, which provides enough flexibility for different application scenario. The following are 3 main advantages of RECTANGLE. First, RECTANGLE is extremely hardware-friendly. For the 80-bit key version, a one-cycle-per-round parallel implementation only needs 1600 gates for a throughput of 246 Kbits/sec at 100 KHz clock and an energy efficiency of 3.0 pJ/bit. Second, RECTANGLE achieves a very competitive software speed among the existing lightweight block ciphers due to its bit-slice style. Using 128-bit SSE instructions, a bit-slice implementation of RECTANGLE reaches an average encryption speed of about 3.9 cycles/byte for messages around 3000 bytes. Last, but not least, we propose new design criteria for the RECTANGLE S-box. Due to our careful selection of the S-box and the asymmetric design of the permutation layer, RECTANGLE achieves a very good security-performance tradeoff. Our extensive and deep security analysis shows that the highest number of rounds that we can attack, is 18 (out of 25).

Category / Keywords: lightweight cryptography, block cipher, design, bit-slice, hardware efficiency, software efficiency

Original Publication (with major differences): SCIENCE CHINA Information Sciences

Date: received 5 Feb 2014, last revised 9 Oct 2015

Contact author: zhangwentao at iie ac cn, vincent rijmen@esat kuleuven be

Available format(s): PDF | BibTeX Citation

Note: We have presented the first version of RECTANGLE in Cryptology ePrint Archive in February 2014. In this new version, we have made two changes. Firstly, the S-box is changed to the inverse S-box of the first version, for a better software performance. Secondly, the key schedule is updated to improve its software performance and resistance against related-key attacks, at the cost of an acceptable increase in hardware area.

Version: 20151009:080858 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]