Paper 2023/240
Pitfalls and Shortcomings for Decompositions and Alignment (Full Version)
, Ruhr University Bochum, Bochum, Germany, University of Luxembourg, Esch-sur-Alzette, Luxembourg, Ruhr University Bochum, Bochum, Germany, Ruhr University Bochum, Bochum, GermanyAbstract
In this paper we, for the first time, study the question under which circumstances decomposing a round function of a Substitution-Permutation Network is possible uniquely. More precisely, we provide necessary and sufficient criteria for the non-linear layer on when a decomposition is unique. Our results in particular imply that, when cryptographically strong S-boxes are used, the decomposition is indeed unique. We then apply our findings to the notion of alignment, pointing out that the previous definition allows for primitives that are both aligned and unaligned simultaneously. As a second result, we present experimental data that shows that alignment might only have limited impact. For this, we compare aligned and unaligned versions of the cipher PRESENT.
Metadata
- Available format(s)
-
PDF
- Category
- Secret-key cryptography
- Publication info
- A major revision of an IACR publication in EUROCRYPT 2023
- Keywords
- Supstitution-Permutation NetworkAlignmentPRESENT
- Contact author(s)
-
baptiste lambin @ protonmail com
gregor leander @ rub de
patrick neumann @ rub de - History
- 2023-02-21: approved
- 2023-02-21: received
- See all versions
- Short URL
- https://ia.cr/2023/240
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/240,
author = {Baptiste Lambin and Gregor Leander and Patrick Neumann},
title = {Pitfalls and Shortcomings for Decompositions and Alignment (Full Version)},
howpublished = {Cryptology ePrint Archive, Paper 2023/240},
year = {2023},
note = {\url{https://eprint.iacr.org/2023/240}},
url = {https://eprint.iacr.org/2023/240}
}
