Cryptology ePrint Archive: Report 2020/680

On the Design of Bit Permutation Based Ciphers - The Interplay Among S-box, Bit Permutation and Key-addition

Sumanta Sarkar and Yu Sasaki and Siang Meng Sim

Abstract: Bit permutation based block ciphers, like PRESENT and GIFT, are well-known for their extreme lightweightness in hardware implementation. However, designing such ciphers comes with one major challenge - to ensure strong cryptographic properties simply depending on the combination of three components, namely S-box, a bit permutation and a key addition function. Having a wrong combination of components could lead to weaknesses. In this article, we studied the interaction between these components, improved the theoretical security bound of GIFT and highlighted the potential pitfalls associated with a bit permutation based primitive design. We also conducted analysis on TRIFLE, a first-round candidate for the NIST lightweight cryptography competition, where our findings influenced the elimination of TRIFLE from second-round of the NIST competition. In particular, we showed that internal state bits of TRIFLE can be partially decrypted for a few rounds even without any knowledge of the key.

Category / Keywords: secret-key cryptography / lightweight cryptography, block cipher, bit permutation, S-box, differential cryptanalysis, linear cryptanalysis, PRESENT, GIFT, TRIFLE

Original Publication (in the same form): The 15th International Workshop on Security (IWSEC 2020)

Date: received 8 Jun 2020, last revised 14 Jun 2020

Contact author: crypto s m sim at gmail com,sumanta sarkar1@tcs com,yu sasaki sk@hco ntt co jp

Available format(s): PDF | BibTeX Citation

Version: 20200614:080618 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]