Optimality and beyond: The case of 4×4 S-boxes

S-boxes with better transparency order are expected to have higher side-channel resistance. For 8×8 S-boxes this is not practical, considering the costs of lookup-table implementations and deterioration of many properties like nonlinearity or delta uniformity. However, if we concentrate on the 4×4 S-box size we can observe that it is possible to obtain S-boxes with better transparency order while maintaining proper “classical” properties. To prove this, we experiment with PRINCE and PRESENT S-boxes. We use various methods and show that evolutionary algorithms are also viable in obtaining the lowest known transparency order value for the nonlinearity value of 4. Next, we show that affine transformation changes the transparency order while keeping “classical” properties intact. By using this technique, it is possible to generate optimal S-boxes with improved DPA-related properties.
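The claim that an affine transformation leaves the classical properties intact while the transparency order can move can be checked directly. The following Python sketch is an added example, not code from the paper: it applies the twelve elementary output-side linear maps (XOR one output bit into another) to the PRESENT S-box and recomputes nonlinearity, delta uniformity and transparency order for each. The transparency-order formula is Prouff's definition from "DPA Attacks and S-Boxes" (FSE 2005), which the abstract does not state and is assumed here; all function names are illustrative.

```python
PRESENT = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
           0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]  # S-box from the PRESENT spec
N = 4  # 4x4 S-box: 4 input bits, 4 output bits

def dot(a, b):
    return bin(a & b).count("1") & 1  # inner product over GF(2)

def nonlinearity(S):
    # 2^(n-1) minus half the largest absolute Walsh coefficient (output mask v != 0)
    worst = max(abs(sum((-1) ** (dot(u, x) ^ dot(v, S[x])) for x in range(16)))
                for u in range(16) for v in range(1, 16))
    return 8 - worst // 2

def delta_uniformity(S):
    # largest entry of the difference distribution table for input difference a != 0
    return max(sum(1 for x in range(16) if S[x] ^ S[x ^ a] == b)
               for a in range(1, 16) for b in range(16))

def transparency_order(S):
    # Assumed definition (Prouff 2005): max over beta of
    # |m - 2*H(beta)| - 1/(2^2n - 2^n) * sum_{a != 0} |sum_{H(v)=1} (-1)^{v.beta} W_{D_a F}(0, v)|
    best = 0.0
    for beta in range(16):
        total = 0
        for a in range(1, 16):
            inner = 0
            for i in range(N):
                v = 1 << i
                w = sum((-1) ** dot(v, S[x] ^ S[x ^ a]) for x in range(16))
                inner += (-1) ** dot(v, beta) * w
            total += abs(inner)
        hw = bin(beta).count("1")
        best = max(best, abs(N - 2 * hw) - total / (2 ** (2 * N) - 2 ** N))
    return best

def output_linear_variants(S):
    # y_j ^= y_i for i != j: invertible linear maps applied to the S-box output
    return [[y ^ (((y >> i) & 1) << j) for y in S]
            for i in range(N) for j in range(N) if i != j]

def survey(S=PRESENT):
    # (nonlinearity, delta uniformity, transparency order) for S and each variant
    return [(nonlinearity(T), delta_uniformity(T), round(transparency_order(T), 3))
            for T in [S] + output_linear_variants(S)]

if __name__ == "__main__":
    for row in survey():
        print(row)
```

The first row printed is the unmodified PRESENT S-box; comparing the third column across rows shows which output maps shift the transparency order while the first two columns stay fixed.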
