An STP-based model toward designing S-boxes with good cryptographic properties

Zhenyu Lu; Sihem Mesnager; Tingting Cui; Yanhong Fan; Meiqin Wang

Paper 2023/1023

An STP-based model toward designing S-boxes with good cryptographic properties

Zhenyu Lu, Shandong University

Sihem Mesnager, University of Paris VIII, University Sorbonne Paris Cité, Polytechnic Institute of Paris

Tingting Cui, Dianzi University, Hangzhou, Shandong University

Yanhong Fan, Shandong University

Meiqin Wang, Shandong University, Quan Cheng Shandong Laboratory

Abstract

The substitution box (S-box) is an important nonlinear component in most symmetric cryptosystems and thus should have good properties. Its difference distribution table (DDT) and linear approximation table (LAT) affect the security of the cipher against differential and linear cryptanalysis. In most previous work, differential uniformity and linearity of an S-box are two primary cryptographic properties to impact the resistance against differential and linear attacks. In some cases, the branch number and fixed point are also be considered. However, other important cryptographic properties such as the frequency of differential uniformity (resp. linearity) and the number of Bad Input and Bad Output (BIBO) patterns in DDT (resp. LAT) are often ignored. These properties substantially affect lightweight cryptography based on substitution bit permutation networks (SbPN) such as PRESENT, GIFT and RECTANGLE. This paper introduces a new method to search for S-boxes satisfying all above criteria simultaneously. In our strategy, we transform the process of searching for S-boxes under certain constraints on cryptographic properties into a satisfiability (SAT) problem. As applications, we use our new approach to search out 4-bit and 5-bit S-boxes with the same or better cryptographic properties compared with the S-boxes from well-known ciphers. Finally, we also utilize our method to verify a conjecture proposed by Boura et al. in the case of all 3-bit and 4-bit S-boxes. We propose a proposition and two corollaries to reduce the search space in this verification.

Metadata

Available format(s): PDF
Category: Secret-key cryptography
Publication info: Published elsewhere. Designs, Codes and Cryptography
DOI: 10.1007/s10623-022-01034-2
Keywords: Symmetric cryptography Lightweight cryptography Block cipher S-box Difference Distribution Table (DDT)
Contact author(s): luzhenyu @ mail sdu edu cn
smesnager @ univ-paris8 fr
cuitingting @ hdu edu cn
fanyh @ mail sdu edu cn
mqwang @ sdu edu cn
History: 2023-07-03: revised; 2023-07-02: received; See all versions
Short URL: https://ia.cr/2023/1023
License: CC BY

BibTeX

@misc{cryptoeprint:2023/1023,
      author = {Zhenyu Lu and Sihem Mesnager and Tingting Cui and Yanhong Fan and Meiqin Wang},
      title = {An STP-based model toward designing S-boxes with good cryptographic properties},
      howpublished = {Cryptology ePrint Archive, Paper 2023/1023},
      year = {2023},
      doi = {10.1007/s10623-022-01034-2},
      note = {\url{https://eprint.iacr.org/2023/1023}},
      url = {https://eprint.iacr.org/2023/1023}
}