Paper 2024/1867

Symmetric Twin Column Parity Mixers and their Applications

Hao Lei, School of Cyber Science and Technology, Shandong University, Qingdao, Shandong, China, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China
Raghvendra Rohit, Cryptography Research Centre, Technology Innovation Institute, Abu Dhabi, United Arab Emirates
Guoxiao Liu, Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing, China
Jiahui He, School of Cyber Science and Technology, Shandong University, Qingdao, Shandong, China, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China
Mohamed Rachidi, Cryptography Research Centre, Technology Innovation Institute, Abu Dhabi, United Arab Emirates
Keting Jia, Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing, China, BNRist, Tsinghua University, Beijing, China, Zhongguancun Laboratory, Beijing, China
Kai Hu, School of Cyber Science and Technology, Shandong University, Qingdao, Shandong, China, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China
Meiqin Wang, School of Cyber Science and Technology, Shandong University, Qingdao, Shandong, China, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China, Quan Cheng Shandong Laboratory, Jinan, China
Abstract

The circulant twin column parity mixer (TCPM) is a type of mixing layer for the round function of cryptographic permutations designed by Hirch et al. at CRYPTO 2023. It has a bitwise differential branch number of 12 and a bitwise linear branch number of 4, which makes it competitive in applications where differential security is required. Hirch et al. gave a concrete instantiation of a permutation using such a mixing layer, named Gaston, and showed that the best 3-round differential and linear trails of Gaston have much higher weights than those of ASCON. In this paper, we first prove why the TCPM has linear branch number 4 and then show that Gaston's linear behavior is worse than that of ASCON for more than 3 rounds. Motivated by these facts, we aim to enhance the linear security of the TCPM. We show that adding a specific set of row cyclic shifts to the TCPM can make its differential and linear branch numbers both 12. Notably, by setting a special relationship between the row shift parameters of the modified TCPM, we obtain a special kind of mixlayer called the symmetric circulant twin column parity mixer. The symmetric TCPM has a unique design property: its differential and linear branch histograms are the same, which makes the parameter selection process and the security analysis convenient. Using the symmetric TCPM, we present two new 320-bit cryptographic permutations, namely (1) Gaston-S, where we replace the mixing layer in Gaston with the symmetric TCPM, and (2) SBD, which uses a low-latency degree-4 S-box as the non-linear layer and the symmetric TCPM as the mixing layer. We evaluate the security of these permutations considering differential, linear and algebraic analysis, and then provide a performance comparison with Gaston in both hardware and software. Our results indicate that Gaston-S and SBD are competitive with Gaston in both security and performance.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published by the IACR in TOSC 2024
Keywords
Mixing layer, Permutations, Branch number, Column parity mixer (CPM), Gaston, Ascon
Contact author(s)
202117056 @ mail sdu edu cn
iraghvendrarohit @ gmail com
lgx22 @ mails tsinghua edu cn
hejiahui2020 @ mail sdu edu cn
Mohamed Rachidi @ tii ae
ktjia @ tsinghua edu cn
kai hu @ sdu edu cn
mqwang @ sdu edu cn
History
2024-11-25: last of 2 revisions
2024-11-15: received
Short URL
https://ia.cr/2024/1867
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/1867,
      author = {Hao Lei and Raghvendra Rohit and Guoxiao Liu and Jiahui He and Mohamed Rachidi and Keting Jia and Kai Hu and Meiqin Wang},
      title = {Symmetric Twin Column Parity Mixers and their Applications},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1867},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1867}
}