Cryptology ePrint Archive: Report 2014/453

Block Ciphers - Focus On The Linear Layer (feat. PRIDE): Full Version

Martin R. Albrecht and Benedikt Driessen and Elif Bilge Kavun and Gregor Leander and Christof Paar and Tolga Yalçın

Abstract: The linear layer is a core component in any substitution-permutation network block cipher. Its design significantly influences both the security and the efficiency of the resulting block cipher. Surprisingly, not many general constructions are known that allow to choose trade-offs between security and efficiency. Especially, when compared to Sboxes, it seems that the linear layer is crucially understudied. In this paper, we propose a general methodology to construct good, sometimes optimal, linear layers allowing for a large variety of trade-offs. We give several instances of our construction and on top underline its value by presenting a new block cipher. PRIDE is optimized for 8-bit micro-controllers and significantly outperforms all academic solutions both in terms of code size and cycle count.

Category / Keywords: secret-key cryptography / software-oriented lightweight block cipher, efficient linear layer

Original Publication (with major differences): The proceedings of CRYPTO 2014

Date: received 12 Jun 2014, last revised 16 Jun 2014

Contact author: elif kavun at rub de

Available format(s): PDF | BibTeX Citation

Note: Full version of CRYPTO 2014 paper

Version: 20140616:150306 (All versions of this report)

Short URL: ia.cr/2014/453

Discussion forum: Show discussion | Start new discussion