On a Generalization of Substitution-Permutation Networks: The HADES Design Strategy

Publication: Working paper (Research)

Abstract

Keyed and unkeyed cryptographic permutations often iterate simple round functions. Substitution-Permutation Networks (SPNs) are an approach that has been popular since the mid-1990s. One of the newer directions in the design of these round functions is to reduce the substitution (S-Box) layer from a full one to a partial one, distributed uniformly over all the rounds. LowMC and Zorro are examples of this approach.

A relevant freedom in the design space is to allow a highly non-uniform distribution of S-Boxes. However, choosing rounds that differ so much from each other is very rarely done, as it makes security analysis and implementation much harder. We develop the design strategy Hades and an analysis framework for it which, despite this increased complexity, allows for security arguments against many classes of attacks, similar to earlier, simpler SPNs. The framework builds on the wide trail design strategy for SPNs, and it additionally allows for security arguments against algebraic attacks, which are much more of a concern when algebraically simple S-Boxes are used.

Subsequently, this is put into practice with concrete instances and benchmarks for a use case that generally benefits from a smaller number of S-Boxes and showcases the diversity of design options we support: a candidate cipher natively working with objects in GF(p), for securing data transfers with distributed databases using secure multiparty computation (MPC). Compared to the currently fastest design, MiMC, we observe significant improvements in online bandwidth requirements and throughput together with a reduction of preprocessing effort, while having a comparable online latency.
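To make the round layout the abstract describes concrete, here is a toy Hades-style permutation over GF(p): full S-box rounds at the beginning and end, a run of partial rounds with a single S-box in the middle, an MDS mixing layer after every round. This is an added illustration, not the paper's instance or its parameters; the prime p = 17, state width t = 3, the cube S-box, the Cauchy matrix, the round constants and the round counts are all assumptions chosen so the permutation can be checked exhaustively.

```python
# Toy Hades-style permutation over GF(p): full S-box rounds on the outside,
# partial rounds (a single S-box) in the middle. Constructed illustration;
# p, t, round counts, constants and matrix are assumptions, not the paper's instance.
from itertools import product

P = 17  # toy prime; gcd(3, P-1) = 1, so x -> x^3 permutes GF(P)
T = 3   # state width in field elements

def sbox(x):
    """Cube S-box x -> x^3 mod P: algebraically simple, cheap in MPC."""
    return pow(x, 3, P)

def cauchy_mds(t):
    """t x t Cauchy matrix M[i][j] = 1/(x_i + y_j); all square submatrices are
    nonsingular, so the matrix is MDS (wide-trail style diffusion)."""
    return [[pow(x + y, P - 2, P) for y in range(t, 2 * t)] for x in range(t)]

MDS = cauchy_mds(T)

def round_constants(rounds, t):
    """Constructed per-round constants (assumption: a real instance derives
    them from a public seed)."""
    return [[(7 * r + 3 * j + 1) % P for j in range(t)] for r in range(rounds)]

def hades_round(state, rc, full):
    """One round: add constants, S-box layer (full or single word), MDS mix."""
    s = [(a + c) % P for a, c in zip(state, rc)]
    s = [sbox(a) for a in s] if full else [sbox(s[0])] + s[1:]
    return [sum(m * a for m, a in zip(row, s)) % P for row in MDS]

def hades_permutation(state, r_f, r_p):
    """R_f full rounds, then R_p partial rounds, then R_f full rounds."""
    total = 2 * r_f + r_p
    rcs = round_constants(total, T)
    for i in range(total):
        state = hades_round(state, rcs[i], full=(i < r_f or i >= r_f + r_p))
    return state

def sbox_count(t, r_f, r_p):
    """S-box evaluations: (Hades layout, uniform SPN of the same round count)."""
    return 2 * r_f * t + r_p, (2 * r_f + r_p) * t

def is_bijection(r_f, r_p):
    """Exhaustive check that the toy permutation is a bijection on GF(P)^T."""
    images = {tuple(hades_permutation(list(x), r_f, r_p))
              for x in product(range(P), repeat=T)}
    return len(images) == P ** T
```

The `sbox_count` comparison is the point of the non-uniform layout: with 2 full and 4 partial rounds the toy uses 16 S-boxes where a uniform SPN of the same depth needs 24, and in an MPC setting the S-boxes are the operations that cost bandwidth and preprocessing.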
Original language: English
Publication status: Published - 27 Sep 2019


Keywords: Hades Strategy, cryptographic permutations, Secure Multiparty Computation (MPC)

    Cite this

    @techreport{2d1c213b3f8949c0a841ab8f5a391f77,
    title = "On a Generalization of Substitution-Permutation Networks: The HADES Design Strategy",
    keywords = "Hades Strategy, cryptographic permutations, Secure Multiparty Computation (MPC)",
    author = "Lorenzo Grassi and Reinhard L{\"u}ftenegger and Christian Rechberger and Dragos Rotaru and Markus Schofnegger",
    year = "2019",
    month = "9",
    day = "27",
    language = "English",
    type = "WorkingPaper",
    }
