Alzette: A 64-Bit ARX-box (Feat. CRAX and TRAX)

Christof Beierle, Alex Biryukov, Luan Cardoso dos Santos, Johann Großschädl, Léo Perrin, Aleksei Udovenko, Vesselin Velichkov, Qingju Wang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract / Description of output

S-boxes are the only source of non-linearity in many symmetric primitives. While they are often defined as being functions operating on a small space, some recent designs propose the use of much larger ones (e.g., 32 bits). In this context, an S-box is then defined as a subfunction whose cryptographic properties can be estimated precisely.

We present a 64-bit ARX-based S-box called Alzette, which can be evaluated in constant time using only 12 instructions on modern CPUs. Its parallel application can also leverage vector (SIMD) instructions. One iteration of Alzette has differential and linear properties comparable to those of the AES S-box, and two are at least as secure as the AES super S-box. As the state size is much larger than the typical 4 or 8 bits, the study of the relevant cryptographic properties of Alzette is not trivial.

We further discuss how such wide S-boxes could be used to construct round functions of 64-, 128- and 256-bit (tweakable) block ciphers with good cryptographic properties that are guaranteed even in the related-tweak setting. We use these structures to design a very lightweight 64-bit block cipher (Crax) which outperforms SPECK-64/128 for short messages on micro-controllers, and a 256-bit tweakable block cipher (Trax) which can be used to obtain strong security guarantees against powerful adversaries (nonce misuse, quantum attacks).
Original languageEnglish
Title of host publicationAdvances in Cryptology -- CRYPTO 2020
EditorsDaniele Micciancio, Thomas Ristenpart
Place of PublicationCham
PublisherSpringer
Pages419-448
Number of pages30
ISBN (Electronic)978-3-030-56877-1
ISBN (Print)978-3-030-56876-4
DOIs
Publication statusPublished - 10 Aug 2020
EventAnnual International Cryptology Conference 2020 - Virtual Conference
Duration: 17 Aug 202021 Aug 2020
https://crypto.iacr.org/2020/

Publication series

NameLecture Notes in Computer Science
PublisherSpringer
Volume12172
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

ConferenceAnnual International Cryptology Conference 2020
Abbreviated titleCRYPTO 2020
CityVirtual Conference
Period17/08/2021/08/20
Internet address

Keywords / Materials (for Non-textual outputs)

  • (Tweakable) block cipher
  • Related-tweak setting
  • Long trail strategy
  • Alzette
  • MEDCP
  • MELCC

Fingerprint

Dive into the research topics of 'Alzette: A 64-Bit ARX-box (Feat. CRAX and TRAX)'. Together they form a unique fingerprint.

Cite this