Cryptology ePrint Archive: Report 2011/475

Solving Circuit Optimisation Problems in Cryptography and Cryptanalysis

Nicolas T. Courtois, Daniel Hulme and Theodosis Mourouzis

Abstract: One of the hardest problems in computer science is the problem of gate-eficient implementation. Such optimizations are particularly important in industrial hardware implementations of standard cryptographic algorithms. In this paper we focus on optimizing some small circuits such as S-boxes in cryptographic algorithms. We consider the notion of Multiplicative Complexity studied in 2008 by Boyar and Peralta and applied to find interesting optimizations for the S-box of the AES cipher. We applied this methodology to produce a compact implementation of several ciphers. In this short paper we report our results on PRESENT and GOST, two block ciphers known for their exceptionally low hardware cost. This kind of representation seems to be very promising in implementations aiming at preventing side channel attacks on cryptographic chips such as DPA. More importantly, we postulate that this kind of minimality is also an important and interesting tool in cryptanalysis.

Category / Keywords: secret-key cryptography / block ciphers, non-linearity, algebraic attacks, circuit complexity, multiplicative complexity, algebraic cryptanalysis, side-channel attacks

Publication Info: A short 6-page version of this work and a poster was presented at the 2nd IMA conference Mathematics in Defence 2011, UK and included in electronic proceedings. A longer version was presented at SHARCS 2012 workshop in Washington DC.

Date: received 31 Aug 2011, last revised 30 Apr 2012

Contact author: n courtois at cs ucl ac uk

Available format(s): PDF | BibTeX Citation

Note: see publication info

Version: 20120430:083035 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]