Paper 2022/747

More Inputs Makes Difference: Implementations of Linear Layers Using Gates with More Than Two Inputs

Qun Liu, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China, School of Cyber Science and Technology, Shandong University, Qingdao, China
Weijia Wang, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China, School of Cyber Science and Technology, Shandong University, Qingdao, China
Ling Sun, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China, School of Cyber Science and Technology, Shandong University, Qingdao, China
Yanhong Fan, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China, School of Cyber Science and Technology, Shandong University, Qingdao, China
Lixuan Wu, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China, School of Cyber Science and Technology, Shandong University, Qingdao, China
Meiqin Wang, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China, School of Cyber Science and Technology, Shandong University, Qingdao, China, Quan Cheng Shandong Laboratory, Jinan, China
Abstract

Lightweight cryptography ensures cryptography applications to devices with limited resources. Low-area implementations of linear layers usually play an essential role in lightweight cryptography. The previous works have provided plenty of methods to generate low-area implementations using 2-input xor gates for various linear layers. However, it is still challenging to search for smaller implementations using two or more inputs xor gates. This paper, inspired by Banik et al., proposes a novel approach to construct a quantity of lower area implementations with (n+1)-input gates based on the given implementations with n-input gates. Based on the novel algorithm, we present the corresponding search algorithms for n=2 and n=3, which means that we can efficiently convert an implementation with 2-input xor gates and 3-input xor gates to lower-area implementations with 3-input xor gates and 4-input xor gates, respectively. We improve the previous implementations of linear layers for many block ciphers according to the area with these search algorithms. For example, we achieve a better implementation with 4-input xor gates for AES MixColumns, which only requires 243 GE in the STM 130 nm library, while the previous public result is 258.9 GE. Besides, we obtain better implementations for all 5500 lightweight matrices proposed by Li et al. at FSE 2019, and the area for them is decreased by about 21% on average.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
A minor revision of an IACR publication in TOSC 2023
Keywords
Lightweight Cryptography Linear Layers Low Area AES
Contact author(s)
qunliu @ mail sdu edu cn
wjwang @ sdu edu cn
lingsun @ sdu edu cn
fanyh @ mail sdu edu cn
lixuanwu @ mail sdu edu cn
mqwang @ sdu edu cn
History
2022-06-15: revised
2022-06-11: received
See all versions
Short URL
https://ia.cr/2022/747
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2022/747,
      author = {Qun Liu and Weijia Wang and Ling Sun and Yanhong Fan and Lixuan Wu and Meiqin Wang},
      title = {More Inputs Makes Difference: Implementations of Linear Layers Using Gates with More Than Two Inputs},
      howpublished = {Cryptology ePrint Archive, Paper 2022/747},
      year = {2022},
      note = {\url{https://eprint.iacr.org/2022/747}},
      url = {https://eprint.iacr.org/2022/747}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.