
Title: Searching the space of tower field implementations of the $\mathbb{F}_{2^8}$ inverter - with applications to AES, Camellia and SM4

Authors: Zihao Wei; Siwei Sun; Lei Hu; Man Wei; René Peralta

Addresses:
State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China; School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China
State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China; School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China
State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China; School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China
State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China; School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China
Computer Security Division, NIST, 100 Bureau Drive, Stop 8930, Gaithersburg, MD 20899-8930, USA

Abstract: The tower field implementation of the $\mathbb{F}_{2^8}$ inverter is not only the key technique for compact implementations of the S-boxes of several internationally standardised block ciphers such as AES, Camellia, and SM4, but also the underlying structure many side-channel attack resistant AES implementations rely on. In this work, we conduct an exhaustive study of the tower field representations of the $\mathbb{F}_{2^8}$ inverter with normal bases by applying several state-of-the-art combinatorial logic minimisation techniques. As a result, we achieve improved implementations of the AES, Camellia and SM4 S-boxes in terms of area footprint. Surprisingly, we are still able to improve the currently known most compact implementation of the AES S-box from CHES 2018 by 5.5 GE, beating the record again. For Camellia and SM4, the improvements are even more significant. The Verilog codes of our implementations of the AES, Camellia and SM4 S-boxes are openly available.

Keywords: tower field; inverter; S-box; AES; Camellia; SM4.

DOI: 10.1504/IJICS.2023.127999

International Journal of Information and Computer Security, 2023 Vol.20 No.1/2, pp.1 - 26

Received: 08 Aug 2019
Accepted: 17 Apr 2020

Published online: 04 Jan 2023
