A Framework for Generating S-Box Circuits with Boyer–Peralta Algorithm-Based Heuristics, and Its Applications to AES, SNOW3G, and Saturnin

Authors

  • Yongjin Jeon Department of Financial Information Security, Kookmin University, Republic of Korea
  • Seungjun Baek Department of Financial Information Security, Kookmin University, Republic of Korea
  • Giyoon Kim Department of Financial Information Security, Kookmin University, Republic of Korea
  • Jongsung Kim Department of Financial Information Security, Kookmin University, Republic of Korea; Department of Information Security, Cryptology, and Mathematics, Kookmin University, Republic of Korea

DOI:

https://doi.org/10.46586/tches.v2025.i1.586-631

Keywords:

Lightweight cryptography, S-box, Low-latency implementation, Circuit depth, Gate count, AES, SNOW3G, Saturnin

Abstract

In many lightweight cryptography applications, low area and latency are required for efficient implementation. The gate count in the cipher and the circuit depth must be low to minimize these two metrics. Many optimization strategies have been developed for the linear layer, led by the Boyer–Peralta (BP) algorithm. The Advanced Encryption Standard (AES) has been a focus of extensive research in this area. However, while the linear layer uses only XOR gates, the S-box, which is an essential nonlinear component in symmetric cryptography, uses various gate types, making optimization challenging, particularly as the bit size increases.
In this paper, we propose a new framework for a heuristic search to optimize the circuit depth or XOR gate count of S-box circuits. Existing S-box circuit optimization studies have divided the nonlinear and linear layers of the S-box, optimizing each separately, but limitations still exist in optimizing large S-box circuits. To extend the optimization target from individual internal components to the entire S-box circuit, we extract the XOR information of each node in the target circuit and reconstruct the nodes based on nonlinear gates. Next, we extend the BP algorithm-based heuristics to address nonlinear gates and incorporate this into the framework. It is noteworthy that the effects of our framework occur while maintaining the AND gate count and AND depth without any increase.
To demonstrate the effectiveness of the proposed framework, we apply it to the AES, SNOW3G, and Saturnin S-box circuits. Our results include depth improvements by about 40% and 11% compared to the existing AES S-box [BP10] and Saturnin super S-box [CDL+20] circuits, respectively. We implement a new circuit for the SNOW3G S-box, which has not previously been developed, and apply our framework to reduce its depth. We expect the proposed framework to contribute to the design and implementation of various symmetric-key cryptography solutions.

Downloads

Published

2024-12-09

Issue

Vol. 2025 No. 1

Section

Articles

License

Copyright (c) 2024 Yongjin Jeon, Seungjun Baek, Giyoon Kim, Jongsung Kim

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

A Framework for Generating S-Box Circuits with Boyer–Peralta Algorithm-Based Heuristics, and Its Applications to AES, SNOW3G, and Saturnin. (2024). IACR Transactions on Cryptographic Hardware and Embedded Systems, 2025(1), 586-631. https://doi.org/10.46586/tches.v2025.i1.586-631