Efficient constructions for large‐state block ciphers based on AES New Instructions
Abstract Large‐state block ciphers with 256 bits or 512 bits block sizes receive much attention from the viewpoint of long‐term security. Existing large‐state block ciphers, such as Haraka‐v2 and Pholkos, consist of only the AES New Instructions set (AES‐NI) and a word shuffle that can be efficientl...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Wiley
2022-05-01
|
| Series: | IET Information Security |
| Subjects: | |
| Online Access: | https://doi.org/10.1049/ise2.12053 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832546690380333056 |
|---|---|
| author | Rentaro Shiba Kosei Sakamoto Takanori Isobe |
| author_facet | Rentaro Shiba Kosei Sakamoto Takanori Isobe |
| author_sort | Rentaro Shiba |
| collection | DOAJ |
| description | Abstract Large‐state block ciphers with 256 bits or 512 bits block sizes receive much attention from the viewpoint of long‐term security. Existing large‐state block ciphers, such as Haraka‐v2 and Pholkos, consist of only the AES New Instructions set (AES‐NI) and a word shuffle that can be efficiently executed by SIMD instructions for fast software implementation. In Haraka‐v2 and Pholkos, the AES round function is executed twice in parallel at each step and its outputs are shuffled (called two‐round constructions). In this study, optimal constructions based on AES‐NI and efficient word shuffles for such large‐state block ciphers in terms of the encryption speed for software are explored. Specifically, an optimal class of word shuffles that can achieve security in a smaller number of rounds from the class of word shuffles that can be efficiently implemented in SIMD to contribute to the improvement of the performance of large‐state block ciphers is identified. Their speed for each CPU architecture is measured. As a result, the authors reveal the constructions such that two rounds of the AES round function is executed in parallel at each step and its outputs are shuffled (called two‐round constructions) and are optimal in all CPUs with Skylake architecture or later versions. Furthermore, the authors reveal that there is a clear difference in word shuffle instructions with respect to the speed, even if they theoretically require the same number of cycles. Consequently, the authors clarify the optimal construction for each architecture by taking these differences into consideration. |
| format | Article |
| id | doaj-art-b635cd0b0e1f4c2e8f20505c351e9f80 |
| institution | Kabale University |
| issn | 1751-8709 1751-8717 |
| language | English |
| publishDate | 2022-05-01 |
| publisher | Wiley |
| record_format | Article |
| series | IET Information Security |
| spelling | doaj-art-b635cd0b0e1f4c2e8f20505c351e9f802025-02-03T06:47:34ZengWileyIET Information Security1751-87091751-87172022-05-0116314516010.1049/ise2.12053Efficient constructions for large‐state block ciphers based on AES New InstructionsRentaro Shiba0Kosei Sakamoto1Takanori Isobe2Graduate School of Applied Informatics University of Hyogo Hyogo JapanGraduate School of Applied Informatics University of Hyogo Hyogo JapanGraduate School of Applied Informatics University of Hyogo Hyogo JapanAbstract Large‐state block ciphers with 256 bits or 512 bits block sizes receive much attention from the viewpoint of long‐term security. Existing large‐state block ciphers, such as Haraka‐v2 and Pholkos, consist of only the AES New Instructions set (AES‐NI) and a word shuffle that can be efficiently executed by SIMD instructions for fast software implementation. In Haraka‐v2 and Pholkos, the AES round function is executed twice in parallel at each step and its outputs are shuffled (called two‐round constructions). In this study, optimal constructions based on AES‐NI and efficient word shuffles for such large‐state block ciphers in terms of the encryption speed for software are explored. Specifically, an optimal class of word shuffles that can achieve security in a smaller number of rounds from the class of word shuffles that can be efficiently implemented in SIMD to contribute to the improvement of the performance of large‐state block ciphers is identified. Their speed for each CPU architecture is measured. As a result, the authors reveal the constructions such that two rounds of the AES round function is executed in parallel at each step and its outputs are shuffled (called two‐round constructions) and are optimal in all CPUs with Skylake architecture or later versions. Furthermore, the authors reveal that there is a clear difference in word shuffle instructions with respect to the speed, even if they theoretically require the same number of cycles. Consequently, the authors clarify the optimal construction for each architecture by taking these differences into consideration.https://doi.org/10.1049/ise2.12053AES‐NI, block cipher, cryptography, private key cryptography |
| spellingShingle | Rentaro Shiba Kosei Sakamoto Takanori Isobe Efficient constructions for large‐state block ciphers based on AES New Instructions IET Information Security AES‐NI, block cipher, cryptography, private key cryptography |
| title | Efficient constructions for large‐state block ciphers based on AES New Instructions |
| title_full | Efficient constructions for large‐state block ciphers based on AES New Instructions |
| title_fullStr | Efficient constructions for large‐state block ciphers based on AES New Instructions |
| title_full_unstemmed | Efficient constructions for large‐state block ciphers based on AES New Instructions |
| title_short | Efficient constructions for large‐state block ciphers based on AES New Instructions |
| title_sort | efficient constructions for large state block ciphers based on aes new instructions |
| topic | AES‐NI, block cipher, cryptography, private key cryptography |
| url | https://doi.org/10.1049/ise2.12053 |
| work_keys_str_mv | AT rentaroshiba efficientconstructionsforlargestateblockciphersbasedonaesnewinstructions AT koseisakamoto efficientconstructionsforlargestateblockciphersbasedonaesnewinstructions AT takanoriisobe efficientconstructionsforlargestateblockciphersbasedonaesnewinstructions |