## Cryptology ePrint Archive: Report 2017/747

sLiSCP: Simeck-based Permutations for Lightweight Sponge Cryptographic Primitives

Riham AlTawy and Raghvendra Rohit and Morgan He and Kalikinkar Mandal and Gangqiang Yang and Guang Gong

Abstract: In this paper, we propose a family of lightweight cryptographic permutations called sLiSCP, with the sole aim to provide a realistic minimal design}that suits a variety of lightweight device applications. More precisely, we argue that for such devices the chip area dedicated for security purposes should, not only be consumed by an encryption or hashing algorithm, but also provide as many cryptographic functionalities as possible. Our main contribution is the design of a lightweight permutation employing a 4-subblock Type-2 Generalized-like Structure (GFS) and round-reduced unkeyed Simeck with either 48 or 64-bit block length as the two round functions, thus resulting in two lightweight instances of the permutation, sLiSCP-192 and sLiSCP-256. We leverage the extensive security analysis on both Simeck (Simon-like functions) and Type-2 GFSs and present bounds against differential and linear cryptanalysis. In particular, we provide an estimation on the maximum differential probability of the round-reduced Simeck and use it for bounding the maximum expected differential/linear characteristic probability for our permutation. Due to the iterated nature of the Simeck round function and the simple XOR and cyclic shift mixing layer of the GFS that fosters the propagation of long trails, the long trail strategy}is adopted to provide tighter bounds on both characteristics. Moreover, we analyze sLiSCP against a wide range of distinguishing attacks, and accordingly, claim that there exists no structural distinguishers for sLiSCP with a complexity below $2^{b/2}$ where $b$ is the state size. We demonstrate how sLiSCP can be used as a unified round function in the duplex sponge construction to build (authenticated) encryption and hashing functionalities. The parallel hardware implementation area of the unified duplex mode of sLiSCP-192 (resp. sLiSCP-256) in CMOS $65\,nm$ ASIC is 2289 (resp. 3039) GEs with a throughput of 29.62 (resp. 44.44) kbps, and their areas in CMOS $130\, nm$ are 2498 (resp. 3319) GEs.

Category / Keywords: secret-key cryptography / Lightweight cryptography, Cryptographic permutation, Simeck block cipher, Generalized Feistel Structure, Sponge duplexing, Authenticated encryption, Hash function

Date: received 2 Aug 2017, last revised 10 Sep 2017

Contact author: r altawy at gmail com

Available format(s): PDF | BibTeX Citation

Note: Fixing some typos in the security analysis section.

Short URL: ia.cr/2017/747

[ Cryptology ePrint archive ]