Addendum to How Small Can S-boxes Be?
In ToSC 2025(1), Jia et al. proposed an SAT-aided automatic search tool for the S-box design. A part of the functionality of this tool is to search for implementations of an S-box with good area and gate-depth complexity. However, it is well-known that the gate depth complexity cannot precisely ref...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Ruhr-Universität Bochum
2025-06-01
|
| Series: | IACR Transactions on Symmetric Cryptology |
| Subjects: | |
| Online Access: | https://ojs.ub.rub.de/index.php/ToSC/article/view/12248 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850210599934361600 |
|---|---|
| author | Yu Sun Lixuan Wu Chenhao Jia Tingting Cui Kai Hu Meiqin Wang |
| author_facet | Yu Sun Lixuan Wu Chenhao Jia Tingting Cui Kai Hu Meiqin Wang |
| author_sort | Yu Sun |
| collection | DOAJ |
| description |
In ToSC 2025(1), Jia et al. proposed an SAT-aided automatic search tool for the S-box design. A part of the functionality of this tool is to search for implementations of an S-box with good area and gate-depth complexity. However, it is well-known that the gate depth complexity cannot precisely reflect the latency of an implementation. To overcome this problem, Rasoolzadeh introduced the concept of latency complexity, a more precise metric for the latency cost of implementing an S-box than the gate depth complexity in the real world.
In this addendum, we adapt Jia et al.’s tool to prioritize latency as the primary metric and area as the secondary metric to search for good implementations for existing S-boxes. The results show that the combination of Jia et al.’s tool and Rasoolzadeh’s latency complexity can lead to lower-latency S-box implementations. For S-boxes used in LBlock, Piccolo, SKINNY-64, RECTANGLE, PRESENT and TWINE, which are popular targets in this research line, we find new implementations with lower latency. We conducted synthesis comparisons of the area and latency under multiple standard libraries, where our results consistently outperformed in terms of latency. For example, for LBlock-S0, our solution reduces latency by around 50.0% ∼ 73.8% compared to previous implementations in TSMC 90nm library with the latency-optimized synthesis option.
|
| format | Article |
| id | doaj-art-eae2dcee5ed0458d82169717953694af |
| institution | OA Journals |
| issn | 2519-173X |
| language | English |
| publishDate | 2025-06-01 |
| publisher | Ruhr-Universität Bochum |
| record_format | Article |
| series | IACR Transactions on Symmetric Cryptology |
| spelling | doaj-art-eae2dcee5ed0458d82169717953694af2025-08-20T02:09:44ZengRuhr-Universität BochumIACR Transactions on Symmetric Cryptology2519-173X2025-06-012025210.46586/tosc.v2025.i2.192-205Addendum to How Small Can S-boxes Be?Yu Sun0Lixuan Wu1Chenhao Jia2Tingting Cui3Kai Hu4Meiqin Wang5School of Cyber Science and Technology, Shandong University, Qingdao, Shandong, China; Quan Cheng Laboratory, Jinan, ChinaSchool of Cyber Science and Technology, Shandong University, Qingdao, Shandong, ChinaSchool of Cyberspace, Hangzhou Dianzi University, Hangzhou, ChinaSchool of Cyberspace, Hangzhou Dianzi University, Hangzhou, China; State Key Laboratory of Cryptography and Digital Economy Security, Shandong University, Qingdao, 266237, ChinaSchool of Cyber Science and Technology, Shandong University, Qingdao, Shandong, China; Quan Cheng Laboratory, Jinan, China; State Key Laboratory of Cryptography and Digital Economy Security, Shandong University, Qingdao, 266237, China; Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, ChinaSchool of Cyber Science and Technology, Shandong University, Qingdao, Shandong, China; State Key Laboratory of Cryptography and Digital Economy Security, Shandong University, Qingdao, 266237, China; Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China In ToSC 2025(1), Jia et al. proposed an SAT-aided automatic search tool for the S-box design. A part of the functionality of this tool is to search for implementations of an S-box with good area and gate-depth complexity. However, it is well-known that the gate depth complexity cannot precisely reflect the latency of an implementation. To overcome this problem, Rasoolzadeh introduced the concept of latency complexity, a more precise metric for the latency cost of implementing an S-box than the gate depth complexity in the real world. In this addendum, we adapt Jia et al.’s tool to prioritize latency as the primary metric and area as the secondary metric to search for good implementations for existing S-boxes. The results show that the combination of Jia et al.’s tool and Rasoolzadeh’s latency complexity can lead to lower-latency S-box implementations. For S-boxes used in LBlock, Piccolo, SKINNY-64, RECTANGLE, PRESENT and TWINE, which are popular targets in this research line, we find new implementations with lower latency. We conducted synthesis comparisons of the area and latency under multiple standard libraries, where our results consistently outperformed in terms of latency. For example, for LBlock-S0, our solution reduces latency by around 50.0% ∼ 73.8% compared to previous implementations in TSMC 90nm library with the latency-optimized synthesis option. https://ojs.ub.rub.de/index.php/ToSC/article/view/12248S-boxlow-latencyautomatic searchSAT |
| spellingShingle | Yu Sun Lixuan Wu Chenhao Jia Tingting Cui Kai Hu Meiqin Wang Addendum to How Small Can S-boxes Be? IACR Transactions on Symmetric Cryptology S-box low-latency automatic search SAT |
| title | Addendum to How Small Can S-boxes Be? |
| title_full | Addendum to How Small Can S-boxes Be? |
| title_fullStr | Addendum to How Small Can S-boxes Be? |
| title_full_unstemmed | Addendum to How Small Can S-boxes Be? |
| title_short | Addendum to How Small Can S-boxes Be? |
| title_sort | addendum to how small can s boxes be |
| topic | S-box low-latency automatic search SAT |
| url | https://ojs.ub.rub.de/index.php/ToSC/article/view/12248 |
| work_keys_str_mv | AT yusun addendumtohowsmallcansboxesbe AT lixuanwu addendumtohowsmallcansboxesbe AT chenhaojia addendumtohowsmallcansboxesbe AT tingtingcui addendumtohowsmallcansboxesbe AT kaihu addendumtohowsmallcansboxesbe AT meiqinwang addendumtohowsmallcansboxesbe |