CINXE.COM
Ultra Low-Latency Block Cipher uLBC
<!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <link href="/css/bootstrap/css/bootstrap.min.css" rel="stylesheet"> <script src="/css/bootstrap/js/bootstrap.bundle.min.js"></script> <title>Ultra Low-Latency Block Cipher uLBC</title> <link rel="stylesheet" href="/css/iacrcc.css"> <link rel="icon" type="image/png" href="/favicon.ico"> <style> div.authorname { font-weight: 500; margin-bottom: .3rem; } div.author { margin-bottom: 1rem; } span.keyword { font-weight: 500; } span.keyword a { color: black; } div.reference { margin-bottom: .5rem; } ol.bib li:before { margin-left: -1.5rem; content: "[" counter(bcounter) "] "; margin-right: .5rem; } ol.bib { list-style: none; counter-reset: bcounter; } ol.bib li { counter-increment: bcounter; margin-bottom: .5rem; } .card-header { background-color: #d1e7dd !important; } .authorlist { /* border: 1px solid #aaa; padding: 1rem; margin-bottom: 1rem; background-color: white;*/ } </style> <script> MathJax = { tex: { inlineMath: [['$', '$'], ['\\(', '\\)']], displayMath: [ ['$$','$$'], ["\\[","\\]"] ], processEnvironments: false, processEscapes: true }, "HTML-CSS": { linebreaks: { automatic: true } } }; </script> <script id="MathJax-script" async src="/js/mathjax/tex-chtml.js"></script> <link rel="schema.DC" href="http://purl.org/dc/elements/1.1/"> <meta name="DC.Creator.PersonalName" content="Guoxiao Liu"> <meta name="DC.Creator.PersonalName" content="Qingyuan Yu"> <meta name="DC.Creator.PersonalName" content="Liyuan Tang"> <meta name="DC.Creator.PersonalName" content="Shihe Ma"> <meta name="DC.Creator.PersonalName" content="Congming Wei"> <meta name="DC.Creator.PersonalName" content="Keting Jia"> <meta name="DC.Creator.PersonalName" content="Lingyue Qin"> <meta name="DC.Creator.PersonalName" content="Xiaoyang Dong"> <meta name="DC.Creator.PersonalName" content="Yantian Shen"> <meta name="DC.Date.created" content="2025-01-13 16:12:07"> <meta name="DC.Date.dateSubmitted" content="2024-10-08"> <meta name="DC.Date.dateAccepted" content="2024-12-03"> <meta name="DC.Description" xml:lang="en" lang="en" content="<p>In recent years, there has been a growing interest in low-latency ciphers. Since the first low-latency block cipher PRINCE was proposed at ASIACRYPT 2012, many low-latency primitives sprung up, such as Midori, MANTIS, QARMA and SPEEDY. Some ciphers, like SPEEDY and Orthros, introduce bit permutations to achieve reduced delay. However, this approach poses a challenge in evaluating the resistance against some cryptanalysis, especially differential and linear attacks. SPEEDY-7-192, was fully broken by Boura et.al. using differential attack, for example. In this paper, we manage to propose a novel low-latency block cipher, which guarantees security against differential and linear attacks. Revisiting the permutation technique used in Orthros, we investigate the selection of nibble permutations and propose a method for selecting them systematically rather than relying on random search. Our new nibble permutation method ensures the existence of impossible differential and differential trails for up to 8 rounds, while the nibble permutations for both branches of Orthros may lead to a 9-round impossible differential trail. Furthermore, we introduce a new approach for constructing low-latency coordinate functions for 4-bit S-boxes, which involves a more precise delay computation compared to traditional methods based solely on circuit depth. The new low-latency primitive uLBC we propose, is a family of 128-bit block ciphers, with three different versions of key length, respectively 128-bit and 256-bit key, as well as a 384-bit tweakey version with variable-length key. According to the key length, named uLBC-128, uLBC-256 and uLBC-384t. Our analysis shows that uLBC-128 exhibits lower latency and area requirements compared to ciphers such as QARMA9-128 and Midori128. On performance, uLBC-128 has excellent AT performance, the best performance except SPEEDY-6, and even the best performance in UMC 55nm in our experiments. </p>"> <meta name="DC.Format" content="application/pdf"> <meta name="DC.Identifier.DOI" content="10.62056/a63zzoja5"> <meta name="DC.Identifier.URI" content="https://cic.iacr.org/p/1/4/25"> <meta name="DC.Language" content="en"> <meta name="DC.Rights" content="Copyright (c) 2023 held by author(s)"> <meta name="DC.Rights" content="https://creativecommons.org/licenses/by/4.0/"> <meta name="DC.Source" content="IACR Communications in Cryptology"> <meta name="DC.Source.ISSN" content="3006-5496"> <meta name="DC.Source.Issue" content="4"> <meta name="DC.Source.Volume" content="1"> <meta name="DC.Subject" xml:lang="en" lang="en" content="Block Cipher Design"> <meta name="DC.Subject" xml:lang="en" lang="en" content="Low Latency Cipher"> <meta name="DC.Subject" xml:lang="en" lang="en" content="Low Latency S-box"> <meta name="DC.Title" content="Ultra Low-Latency Block Cipher uLBC"> <meta name="DC.Type" content="Text.Serial.Journal"> <meta name="DC.Type.articleType" content="Articles"> <meta name="citation_journal_title" content="IACR Communications in Cryptology"> <meta name="citation_journal_abbrev" content="CiC"> <meta name="citation_issn" content="3006-5496"><meta name="citation_author" content="Guoxiao Liu"> <meta name="citation_author_institution" content="Institute for Network Sciences and Cyberspace, Tsinghua University"> <meta name="citation_author" content="Qingyuan Yu"> <meta name="citation_author_institution" content="School of Cyber Science and Technology, Shandong University"> <meta name="citation_author_institution" content="Key Laboratory of Cryptologic Technology and Information Security"> <meta name="citation_author" content="Liyuan Tang"> <meta name="citation_author_institution" content="Institute for Network Sciences and Cyberspace, Tsinghua University"> <meta name="citation_author" content="Shihe Ma"> <meta name="citation_author_institution" content="Institute for Network Sciences and Cyberspace, Tsinghua University"> <meta name="citation_author" content="Congming Wei"> <meta name="citation_author_institution" content="School of Cyberspace Science and Technology, Beijing Institute of Technology"> <meta name="citation_author" content="Keting Jia"> <meta name="citation_author_institution" content="Institute for Network Sciences and Cyberspace, Tsinghua University"> <meta name="citation_author_institution" content="Zhongguancun Laboratory"> <meta name="citation_author_institution" content="BNRist, Tsinghua University"> <meta name="citation_author" content="Lingyue Qin"> <meta name="citation_author_institution" content="Zhongguancun Laboratory"> <meta name="citation_author_institution" content="BNRist, Tsinghua University"> <meta name="citation_author" content="Xiaoyang Dong"> <meta name="citation_author_institution" content="Institute for Network Sciences and Cyberspace, Tsinghua University"> <meta name="citation_author_institution" content="Zhongguancun Laboratory"> <meta name="citation_author_institution" content="BNRist, Tsinghua University"> <meta name="citation_author" content="Yantian Shen"> <meta name="citation_author_institution" content="Department of Computer Science and Technology, Tsinghua University"> <meta name="citation_title" content="Ultra Low-Latency Block Cipher uLBC"> <meta name="citation_language" content="en"> <meta name="citation_date" content="2025-01-13"> <meta name="citation_volume" content="1"> <meta name="citation_issue" content="4"> <meta name="citation_doi" content="10.62056/a63zzoja5"> <meta name="citation_abstract_html_url" content="https://cic.iacr.org/p/1/4/25"> <meta name="citation_keywords" xml:lang="en" lang="en" content="Block Cipher Design"><meta name="citation_keywords" xml:lang="en" lang="en" content="Low Latency Cipher"><meta name="citation_keywords" xml:lang="en" lang="en" content="Low Latency S-box"> <meta name="citation_pdf_url" content="https://cic.iacr.org/p/1/4/25/pdf"> </head> <body> <noscript> <h1 class="text-center">What a lovely hat</h1> <h4 class="text-center">Is it made out of <a href="https://iacr.org/tinfoil.html">tin foil</a>?</h4> </noscript> <div class="pageTop d-flex justify-content-md-around justify-content-between align-items-center"> <a href="https://iacr.org"><img id="logo" class="d-none d-lg-block ms-5" src="/images/iacrlogo_small.png" title="International Association for Cryptologic Research" alt="IACR logo"></a> <span class="headerTitle d-none d-md-block">Communications in Cryptology</span> <span class="headerTitle d-md-none">IACR CiC</span> <div class="dropdown ps-lg-2 me-5"> <button class="btn border-0" type="button" id="dropdownMenuButton1" data-bs-toggle="dropdown" aria-expanded="true"> <img src="/images/search.svg" class="searchIcon" alt="Search Button" style="width:33px;"> </button> <div id="searchDd" class="dropdown-menu dropdown-menu-end bg-transparent border-0" aria-labelledby="dropdownMenuButton1" data-bs-popper="none"> <form action="/search" method="GET" class="me-3"> <div class="input-group"> <input id="searchbox" name="q" type="search" class="form-control shadow-none" autocomplete="off" > <input type="hidden" name="d" value="/var/www/wsgi/cicjournal/webapp/search_index/xapian.db"> <button class="btn btn-outline-dark border border-dark input-group-append"> Search </button> </div> </form> <div id="results" class="bg-light"></div> </div> </div> </div> <nav id="sitenav" class="navbar navbar-expand-md"> <div class="container"> <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#collapseContent" aria-controls="collapseContent" aria-expanded="false" aria-label="Toggle navigation"> <span class="navbar-toggler-icon"></span> </button> <div class="collapse navbar-collapse" id="collapseContent"> <ul class="navbar-nav nav-fill w-100 justify-content-between"> <li class="nav-item"> <a class="nav-link active" aria-current="page" href="/">Home</a> </li> <li class="nav-item"> <a class="nav-link" href="/contents">Papers</a> </li> <li class="nav-item dropdown"> <a class="nav-link dropdown-toggle" href="#" role="button" data-bs-toggle="dropdown" aria-expanded="false"> Submissions </a> <ul class="dropdown-menu ms-3 ms-lg-5"> <li><a class="dropdown-item" href="/callforpapers">Call for papers</a></li> <li><a class="dropdown-item" href="/ethics">Publication ethics</a></li> <li><a class="dropdown-item" href="/irregular">Irregular submissions</a></li> <li><a class="dropdown-item" href="/conflicts">Conflict of interest</a></li> <li><a class="dropdown-item" href="/retraction">Retraction policy</a></li> </ul> </li> <li class="nav-item"> <a class="nav-link" href="/faq">FAQ</a> </li> <li class="nav-item"> <a class="nav-link" href="/contact">Contact</a> </li> <li class="nav-item"> <a class="nav-link" href="/board">Editorial board</a> </li> <li class="nav-item dropdown"> <a href="#" class="ms-md-5 nav-link dropdown-toggle" data-bs-toggle="dropdown"><img alt="Login" src="/images/user.svg"></a> <ul class="dropdown-menu"> <li><a href="/login" class="dropdown-item">Admin login</a></li> </ul> </li> </ul> </div> </div> </nav> <main id="mainContent" class="container"> <nav aria-label="breadcrumb" class="mt-3"> <ol class="breadcrumb"> <li class="breadcrumb-item"><a href="/">Home</a></li> <li class="breadcrumb-item"><a href="/v/1">Volume 1</a></li> <li class="breadcrumb-item"><a href="/i/1/4">Issue 4</a></li> <li class="breadcrumb-item active" aria-current="page">25</li> </ol> </nav> <h2>Ultra Low-Latency Block Cipher uLBC</h2> <div class="row mt-3"> <div class="col-12 col-md-8"> <h3 class="mt-2">Authors</h3> <div class="fs-4 mb-4 mt-2 d-flex justify-content-between flex-column flex-lg-row"> <div>Guoxiao Liu, Qingyuan Yu, Liyuan Tang, Shihe Ma, Congming Wei, Keting Jia, Lingyue Qin, Xiaoyang Dong, Yantian Shen</div> <button role="button" aria-expanded="false" aria-controls="authorlist" class="ms-4 btn me-3 dropdown-toggle" data-bs-toggle="collapse" data-bs-target="#authorlist">Author Info</button> </div> <div id="authorlist" class="authorlist collapse"> <div class="author"> <div class="authorname">Guoxiao Liu </div> <div class="ms-4 mb-2"> Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing, China<br> <span class="font-monospace">lgx22 at mails dot tsinghua dot edu dot cn</span> </div> </div> <div class="author"> <div class="authorname">Qingyuan Yu <a target="_blank" href="https://orcid.org/0000-0003-2814-5431"><img alt="ORCID" class="align-baseline orcidIcon" src="/images/orcid.svg"></a> </div> <div class="ms-4 mb-2"> School of Cyber Science and Technology, Shandong University, Qingdao, China<br> Key Laboratory of Cryptologic Technology and Information Security, Jinan, China<br> <span class="font-monospace">yuqy at mail dot sdu dot edu dot cn</span> </div> </div> <div class="author"> <div class="authorname">Liyuan Tang </div> <div class="ms-4 mb-2"> Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing, China<br> <span class="font-monospace">tangly22 at mails dot tsinghua dot edu dot cn</span> </div> </div> <div class="author"> <div class="authorname">Shihe Ma </div> <div class="ms-4 mb-2"> Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing, China<br> <span class="font-monospace">msh21 at mails dot tsinghua dot edu dot cn</span> </div> </div> <div class="author"> <div class="authorname">Congming Wei </div> <div class="ms-4 mb-2"> School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China<br> <span class="font-monospace">weicm at bit dot edu dot cn</span> </div> </div> <div class="author"> <div class="authorname">Keting Jia <a target="_blank" href="https://orcid.org/0000-0002-6396-8882"><img alt="ORCID" class="align-baseline orcidIcon" src="/images/orcid.svg"></a> </div> <div class="ms-4 mb-2"> Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing, China<br> Zhongguancun Laboratory, Beijing, China<br> BNRist, Tsinghua University, Beijing, China<br> <span class="font-monospace">ktjia at tsinghua dot edu dot cn</span> </div> </div> <div class="author"> <div class="authorname">Lingyue Qin <a target="_blank" href="https://orcid.org/0000-0003-3312-2189"><img alt="ORCID" class="align-baseline orcidIcon" src="/images/orcid.svg"></a> </div> <div class="ms-4 mb-2"> Zhongguancun Laboratory, Beijing, China<br> BNRist, Tsinghua University, Beijing, China<br> <span class="font-monospace">qinly at tsinghua dot edu dot cn</span> </div> </div> <div class="author"> <div class="authorname">Xiaoyang Dong <a target="_blank" href="https://orcid.org/0000-0002-3444-6030"><img alt="ORCID" class="align-baseline orcidIcon" src="/images/orcid.svg"></a> </div> <div class="ms-4 mb-2"> Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing, China<br> Zhongguancun Laboratory, Beijing, China<br> BNRist, Tsinghua University, Beijing, China<br> <span class="font-monospace">xiaoyangdong at tsinghua dot edu dot cn</span> </div> </div> <div class="author"> <div class="authorname">Yantian Shen </div> <div class="ms-4 mb-2"> Department of Computer Science and Technology, Tsinghua University, Beijing, China<br> <span class="font-monospace">shenyt22 at mails dot tsinghua dot edu dot cn</span> </div> </div> </div> <div class="mb-3"> <strong class="fs-4">Keywords: </strong> <span class="badge p-2 text-bg-light keyword ms-2 my-1" alt="Block Cipher Design" title="Block Cipher Design"><a href="/search?q=Block%20Cipher%20Design">Block Cipher Design</a></span> <span class="badge p-2 text-bg-light keyword ms-2 my-1" alt="Low Latency Cipher" title="Low Latency Cipher"><a href="/search?q=Low%20Latency%20Cipher">Low Latency Cipher</a></span> <span class="badge p-2 text-bg-light keyword ms-2 my-1" alt="Low Latency S-box" title="Low Latency S-box"><a href="/search?q=Low%20Latency%20S-box">Low Latency S-box</a></span> </div> <h3 class="mt-4">Abstract</h3> <p><p>In recent years, there has been a growing interest in low-latency ciphers. Since the first low-latency block cipher PRINCE was proposed at ASIACRYPT 2012, many low-latency primitives sprung up, such as Midori, MANTIS, QARMA and SPEEDY. Some ciphers, like SPEEDY and Orthros, introduce bit permutations to achieve reduced delay. However, this approach poses a challenge in evaluating the resistance against some cryptanalysis, especially differential and linear attacks. SPEEDY-7-192, was fully broken by Boura et.al. using differential attack, for example. In this paper, we manage to propose a novel low-latency block cipher, which guarantees security against differential and linear attacks. Revisiting the permutation technique used in Orthros, we investigate the selection of nibble permutations and propose a method for selecting them systematically rather than relying on random search. Our new nibble permutation method ensures the existence of impossible differential and differential trails for up to 8 rounds, while the nibble permutations for both branches of Orthros may lead to a 9-round impossible differential trail. Furthermore, we introduce a new approach for constructing low-latency coordinate functions for 4-bit S-boxes, which involves a more precise delay computation compared to traditional methods based solely on circuit depth. The new low-latency primitive uLBC we propose, is a family of 128-bit block ciphers, with three different versions of key length, respectively 128-bit and 256-bit key, as well as a 384-bit tweakey version with variable-length key. According to the key length, named uLBC-128, uLBC-256 and uLBC-384t. Our analysis shows that uLBC-128 exhibits lower latency and area requirements compared to ciphers such as QARMA9-128 and Midori128. On performance, uLBC-128 has excellent AT performance, the best performance except SPEEDY-6, and even the best performance in UMC 55nm in our experiments. </p></p> <h3 class="mb-3">References</h3> <div class="d-flex"> <div style="min-width:9rem;">[ABD<sup>+</sup>23]</div> <div><div id="ref-DBLP:journals/tosc/AvanziBDEGNR23" class="bibitem">Roberto Avanzi, Subhadeep Banik, Orr Dunkelman, Maria Eichlseder, Shibam Ghosh, Marcel Nageler, and Francesco Regazzoni. The QARMAv2 Family of Tweakable Block Ciphers. <em>IACR Trans. Symmetric Cryptol.</em>, 2023(3):25–73, 2023. DOI: <a href="https://doi.org/10.46586/TOSC.V2023.I3.25-73">10.46586/TOSC.V2023.I3.25-73</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Roberto+Avanzi+Subhadeep+Banik+Orr+Dunkelman+Maria+Eichlseder+Shibam+Ghosh+Marcel+Nageler+Francesco+Regazzoni+The+QARMAv2+Family+of+Tweakable+Block+Ciphers+2023" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Roberto+Avanzi+Subhadeep+Banik+Orr+Dunkelman+Maria+Eichlseder+Shibam+Ghosh+Marcel+Nageler+Francesco+Regazzoni&title=The+QARMAv2+Family+of+Tweakable+Block+Ciphers&submittedafter=2022&submittedbefore=2024" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[AS08]</div> <div><div id="ref-DBLP:conf/sacrypt/AokiS08" class="bibitem">Kazumaro Aoki and Yu Sasaki. Preimage Attacks on One-Block MD4, 63-Step MD5 and More. In Roberto Maria Avanzi, Liam Keliher, and Francesco Sica, editors, <em>Selected Areas in Cryptography, 15th International Workshop, SAC 2008, Sackville, New Brunswick, Canada, August 14-15, Revised Selected Papers</em>, volume 5381 of <em>Lecture Notes in Computer Science</em>, pages 103–119. 2008. Springer. DOI: <a href="https://doi.org/10.1007/978-3-642-04159-4_7">10.1007/978-3-642-04159-4_7</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Kazumaro+Aoki+Yu+Sasaki+Preimage+Attacks+on+One-Block+MD4%2C+63-Step+MD5+and+More+2008" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Kazumaro+Aoki+Yu+Sasaki&title=Preimage+Attacks+on+One-Block+MD4%2C+63-Step+MD5+and+More&submittedafter=2007&submittedbefore=2009" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[Ava17]</div> <div><div id="ref-DBLP:journals/tosc/Avanzi17" class="bibitem">Roberto Avanzi. The QARMA Block Cipher Family. Almost MDS Matrices Over Rings With Zero Divisors, Nearly Symmetric Even-Mansour Constructions With Non-Involutory Central Rounds, and Search Heuristics for Low-Latency S-Boxes. <em>IACR Trans. Symmetric Cryptol.</em>, 2017(1):4–44, 2017. DOI: <a href="https://doi.org/10.13154/tosc.v2017.i1.4-44">10.13154/tosc.v2017.i1.4-44</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Roberto+Avanzi+The+QARMA+Block+Cipher+Family.+Almost+MDS+Matrices+Over+Rings+With+Zero+Divisors%2C+Nearly+Symmetric+Even-Mansour+Constructions+With+Non-Involutory+Central+Rounds%2C+and+Search+Heuristics+for+Low-Latency+S-Boxes+2017" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Roberto+Avanzi&title=The+QARMA+Block+Cipher+Family.+Almost+MDS+Matrices+Over+Rings+With+Zero+Divisors%2C+Nearly+Symmetric+Even-Mansour+Constructions+With+Non-Involutory+Central+Rounds%2C+and+Search+Heuristics+for+Low-Latency+S-Boxes&submittedafter=2016&submittedbefore=2018" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[BBI<sup>+</sup>15]</div> <div><div id="ref-DBLP:conf/asiacrypt/BanikBISHAR15" class="bibitem">Subhadeep Banik, Andrey Bogdanov, Takanori Isobe, Kyoji Shibutani, Harunaga Hiwatari, Toru Akishita, and Francesco Regazzoni. Midori: A Block Cipher for Low Energy. In Tetsu Iwata and Jung Hee Cheon, editors, <em>Advances in Cryptology - ASIACRYPT 2015 - 21st International Conference on the Theory and Application of Cryptology and Information Security, Auckland, New Zealand, November 29 - December 3, 2015, Proceedings, Part II</em>, volume 9453 of <em>Lecture Notes in Computer Science</em>, pages 411–436. 2015. Springer. DOI: <a href="https://doi.org/10.1007/978-3-662-48800-3_17">10.1007/978-3-662-48800-3_17</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Subhadeep+Banik+Andrey+Bogdanov+Takanori+Isobe+Kyoji+Shibutani+Harunaga+Hiwatari+Toru+Akishita+Francesco+Regazzoni+Midori%3A+A+Block+Cipher+for+Low+Energy+2015" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Subhadeep+Banik+Andrey+Bogdanov+Takanori+Isobe+Kyoji+Shibutani+Harunaga+Hiwatari+Toru+Akishita+Francesco+Regazzoni&title=Midori%3A+A+Block+Cipher+for+Low+Energy&submittedafter=2014&submittedbefore=2016" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[BBS99]</div> <div><div id="ref-DBLP:conf/eurocrypt/BihamBS99" class="bibitem">Eli Biham, Alex Biryukov, and Adi Shamir. Cryptanalysis of Skipjack Reduced to 31 Rounds Using Impossible Differentials. In Jacques Stern, editor, <em>Advances in Cryptology - EUROCRYPT '99, International Conference on the Theory and Application of Cryptographic Techniques, Prague, Czech Republic, May 2-6, 1999, Proceeding</em>, volume 1592 of <em>Lecture Notes in Computer Science</em>, pages 12–23. 1999. Springer. DOI: <a href="https://doi.org/10.1007/3-540-48910-X_2">10.1007/3-540-48910-X_2</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Eli+Biham+Alex+Biryukov+Adi+Shamir+Cryptanalysis+of+Skipjack+Reduced+to+31+Rounds+Using+Impossible+Differentials+1999" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Eli+Biham+Alex+Biryukov+Adi+Shamir&title=Cryptanalysis+of+Skipjack+Reduced+to+31+Rounds+Using+Impossible+Differentials&submittedafter=1998&submittedbefore=2000" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[BCG<sup>+</sup>12]</div> <div><div id="ref-PRINCE2012" class="bibitem">Julia Borghoff, Anne Canteaut, Tim Güneysu, Elif Bilge Kavun, Miroslav Knezevic, Lars R. Knudsen, Gregor Leander, Ventzislav Nikov, Christof Paar, Christian Rechberger, Peter Rombouts, Søren S. Thomsen, and Tolga Yalçin. PRINCE - A Low-Latency Block Cipher for Pervasive Computing Applications - Extended Abstract. In Xiaoyun Wang and Kazue Sako, editors, <em>Advances in Cryptology - ASIACRYPT 2012 - 18th International Conference on the Theory and Application of Cryptology and Information Security, Beijing, China, December 2-6, 2012. Proceedings</em>, volume 7658 of <em>Lecture Notes in Computer Science</em>, pages 208–225. 2012. Springer. DOI: <a href="https://doi.org/10.1007/978-3-642-34961-4_14">10.1007/978-3-642-34961-4_14</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Julia+Borghoff+Anne+Canteaut+Tim+G%C3%BCneysu+Elif+Bilge+Kavun+Miroslav+Knezevic+Lars+R.+Knudsen+Gregor+Leander+Ventzislav+Nikov+Christof+Paar+Christian+Rechberger+Peter+Rombouts+S%C3%B8ren+S.+Thomsen+Tolga+Yal%C3%A7in+PRINCE+-+A+Low-Latency+Block+Cipher+for+Pervasive+Computing+Applications+-+Extended+Abstract+2012" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Julia+Borghoff+Anne+Canteaut+Tim+G%C3%BCneysu+Elif+Bilge+Kavun+Miroslav+Knezevic+Lars+R.+Knudsen+Gregor+Leander+Ventzislav+Nikov+Christof+Paar+Christian+Rechberger+Peter+Rombouts+S%C3%B8ren+S.+Thomsen+Tolga+Yal%C3%A7in&title=PRINCE+-+A+Low-Latency+Block+Cipher+for+Pervasive+Computing+Applications+-+Extended+Abstract&submittedafter=2011&submittedbefore=2013" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[BCLR17]</div> <div><div id="ref-10.1007/978-3-319-63715-0_22" class="bibitem">Christof Beierle, Anne Canteaut, Gregor Leander, and Yann Rotella. Proving Resistance Against Invariant Attacks: How to Choose the Round Constants. In Jonathan Katz and Hovav Shacham, editors, <em>Advances in Cryptology - CRYPTO 2017 - 37th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 20-24, 2017, Proceedings, Part II</em>, volume 10402 of <em>Lecture Notes in Computer Science</em>, pages 647–678. 2017. Springer. DOI: <a href="https://doi.org/10.1007/978-3-319-63715-0_22">10.1007/978-3-319-63715-0_22</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Christof+Beierle+Anne+Canteaut+Gregor+Leander+Yann+Rotella+Proving+Resistance+Against+Invariant+Attacks%3A+How+to+Choose+the+Round+Constants+2017" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Christof+Beierle+Anne+Canteaut+Gregor+Leander+Yann+Rotella&title=Proving+Resistance+Against+Invariant+Attacks%3A+How+to+Choose+the+Round+Constants&submittedafter=2016&submittedbefore=2018" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[BDBN23]</div> <div><div id="ref-cryptoeprint:2022/1351" class="bibitem">Christina Boura, Nicolas David, Rachelle Heim Boissier, and María Naya-Plasencia. Better Steady than Speedy: Full Break of SPEEDY-7-192. In Carmit Hazay and Martijn Stam, editors, <em>Advances in Cryptology - EUROCRYPT 2023 - 42nd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Lyon, France, April 23-27, 2023, Proceedings, Part IV</em>, volume 14007 of <em>Lecture Notes in Computer Science</em>, pages 36–66. 2023. Springer. DOI: <a href="https://doi.org/10.1007/978-3-031-30634-1_2">10.1007/978-3-031-30634-1_2</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Christina+Boura+Nicolas+David+Rachelle+Heim+Boissier+Mar%C3%ADa+Naya-Plasencia+Better+Steady+than+Speedy%3A+Full+Break+of+SPEEDY-7-192+2023" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Christina+Boura+Nicolas+David+Rachelle+Heim+Boissier+Mar%C3%ADa+Naya-Plasencia&title=Better+Steady+than+Speedy%3A+Full+Break+of+SPEEDY-7-192&submittedafter=2022&submittedbefore=2024" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[BDD<sup>+</sup>23]</div> <div><div id="ref-DBLP:journals/tches/BelkheyarDDGR23" class="bibitem">Yanis Belkheyar, Joan Daemen, Christoph Dobraunig, Santosh Ghosh, and Shahram Rasoolzadeh. BipBip: A Low-Latency Tweakable Block Cipher with Small Dimensions. <em>IACR Trans. Cryptogr. Hardw. Embed. Syst.</em>, 2023(1):326–368, 2023. DOI: <a href="https://doi.org/10.46586/tches.v2023.i1.326-368">10.46586/tches.v2023.i1.326-368</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Yanis+Belkheyar+Joan+Daemen+Christoph+Dobraunig+Santosh+Ghosh+Shahram+Rasoolzadeh+BipBip%3A+A+Low-Latency+Tweakable+Block+Cipher+with+Small+Dimensions+2023" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Yanis+Belkheyar+Joan+Daemen+Christoph+Dobraunig+Santosh+Ghosh+Shahram+Rasoolzadeh&title=BipBip%3A+A+Low-Latency+Tweakable+Block+Cipher+with+Small+Dimensions&submittedafter=2022&submittedbefore=2024" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[BEK<sup>+</sup>21]</div> <div><div id="ref-20PRINCEv2" class="bibitem">Dušan Božilov, Maria Eichlseder, Miroslav Knezevic, Baptiste Lambin, Gregor Leander, Thorben Moos, Ventzislav Nikov, Shahram Rasoolzadeh, Yosuke Todo, and Friedrich Wiemer. PRINCEv2 - More Security for (Almost) No Overhead. In Orr Dunkelman, Michael J. Jacobson Jr., and Colin O'Flynn, editors, <em>Selected Areas in Cryptography</em>, pages 483–511. 2021. Springer. DOI: <a href="https://doi.org/10.1007/978-3-030-81652-0_19">10.1007/978-3-030-81652-0_19</a> 27th International Conference on Selected Areas in Cryptography : SAC 2020, SAC 2020 ; Conference date: 19-10-2020 Through 23-10-2020</div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Du%C5%A1an+Bo%C5%BEilov+Maria+Eichlseder+Miroslav+Knezevic+Baptiste+Lambin+Gregor+Leander+Thorben+Moos+Ventzislav+Nikov+Shahram+Rasoolzadeh+Yosuke+Todo+Friedrich+Wiemer+PRINCEv2+-+More+Security+for+%28Almost%29+No+Overhead+2021" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Du%C5%A1an+Bo%C5%BEilov+Maria+Eichlseder+Miroslav+Knezevic+Baptiste+Lambin+Gregor+Leander+Thorben+Moos+Ventzislav+Nikov+Shahram+Rasoolzadeh+Yosuke+Todo+Friedrich+Wiemer&title=PRINCEv2+-+More+Security+for+%28Almost%29+No+Overhead&submittedafter=2020&submittedbefore=2022" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[BGLS19]</div> <div><div id="ref-Bao_Guo_Ling_Sasaki_2019" class="bibitem">Zhenzhen Bao, Jian Guo, San Ling, and Yu Sasaki. <a href="https://tosc.iacr.org/index.php/ToSC/article/view/7406">PEIGEN – a Platform for Evaluation, Implementation, and Generation of S-boxes</a>. <em>IACR Transactions on Symmetric Cryptology</em>, 2019(1):330–394, Mar. 2019. DOI: <a href="https://doi.org/10.13154/tosc.v2019.i1.330-394">10.13154/tosc.v2019.i1.330-394</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Zhenzhen+Bao+Jian+Guo+San+Ling+Yu+Sasaki+PEIGEN+%E2%80%93+a+Platform+for+Evaluation%2C+Implementation%2C+and+Generation+of+S-boxes+2019" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Zhenzhen+Bao+Jian+Guo+San+Ling+Yu+Sasaki&title=PEIGEN+%E2%80%93+a+Platform+for+Evaluation%2C+Implementation%2C+and+Generation+of+S-boxes&submittedafter=2018&submittedbefore=2020" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[BIL<sup>+</sup>21]</div> <div><div id="ref-Banik_Isobe_Liu_Minematsu_Sakamoto_2021" class="bibitem">Subhadeep Banik, Takanori Isobe, Fukang Liu, Kazuhiko Minematsu, and Kosei Sakamoto. <a href="https://tosc.iacr.org/index.php/ToSC/article/view/8833">Orthros: A Low-Latency PRF</a>. <em>IACR Transactions on Symmetric Cryptology</em>, 2021(1):37–77, Mar. 2021. DOI: <a href="https://doi.org/10.46586/tosc.v2021.i1.37-77">10.46586/tosc.v2021.i1.37-77</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Subhadeep+Banik+Takanori+Isobe+Fukang+Liu+Kazuhiko+Minematsu+Kosei+Sakamoto+Orthros%3A+A+Low-Latency+PRF+2021" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Subhadeep+Banik+Takanori+Isobe+Fukang+Liu+Kazuhiko+Minematsu+Kosei+Sakamoto&title=Orthros%3A+A+Low-Latency+PRF&submittedafter=2020&submittedbefore=2022" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[BJK<sup>+</sup>16]</div> <div><div id="ref-DBLP:conf/crypto/BeierleJKL0PSSS16" class="bibitem">Christof Beierle, Jérémy Jean, Stefan Kölbl, Gregor Leander, Amir Moradi, Thomas Peyrin, Yu Sasaki, Pascal Sasdrich, and Siang Meng Sim. The SKINNY Family of Block Ciphers and Its Low-Latency Variant MANTIS. In Matthew Robshaw and Jonathan Katz, editors, <em>Advances in Cryptology - CRYPTO 2016 - 36th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 14-18, 2016, Proceedings, Part II</em>, volume 9815 of <em>Lecture Notes in Computer Science</em>, pages 123–153. 2016. Springer. DOI: <a href="https://doi.org/10.1007/978-3-662-53008-5_5">10.1007/978-3-662-53008-5_5</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Christof+Beierle+J%C3%A9r%C3%A9my+Jean+Stefan+K%C3%B6lbl+Gregor+Leander+Amir+Moradi+Thomas+Peyrin+Yu+Sasaki+Pascal+Sasdrich+Siang+Meng+Sim+The+SKINNY+Family+of+Block+Ciphers+and+Its+Low-Latency+Variant+MANTIS+2016" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Christof+Beierle+J%C3%A9r%C3%A9my+Jean+Stefan+K%C3%B6lbl+Gregor+Leander+Amir+Moradi+Thomas+Peyrin+Yu+Sasaki+Pascal+Sasdrich+Siang+Meng+Sim&title=The+SKINNY+Family+of+Block+Ciphers+and+Its+Low-Latency+Variant+MANTIS&submittedafter=2015&submittedbefore=2017" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[BKR11]</div> <div><div id="ref-DBLP:conf/asiacrypt/BogdanovKR11" class="bibitem">Andrey Bogdanov, Dmitry Khovratovich, and Christian Rechberger. Biclique Cryptanalysis of the Full AES. In Dong Hoon Lee and Xiaoyun Wang, editors, <em>Advances in Cryptology - ASIACRYPT 2011 - 17th International Conference on the Theory and Application of Cryptology and Information Security, Seoul, South Korea, December 4-8, 2011. Proceedings</em>, volume 7073 of <em>Lecture Notes in Computer Science</em>, pages 344–371. 2011. Springer. DOI: <a href="https://doi.org/10.1007/978-3-642-25385-0_19">10.1007/978-3-642-25385-0_19</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Andrey+Bogdanov+Dmitry+Khovratovich+Christian+Rechberger+Biclique+Cryptanalysis+of+the+Full+AES+2011" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Andrey+Bogdanov+Dmitry+Khovratovich+Christian+Rechberger&title=Biclique+Cryptanalysis+of+the+Full+AES&submittedafter=2010&submittedbefore=2012" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[DKR97]</div> <div><div id="ref-DBLP:conf/fse/DaemenKR97" class="bibitem">Joan Daemen, Lars R. Knudsen, and Vincent Rijmen. The Block Cipher Square. In Eli Biham, editor, <em>Fast Software Encryption, 4th International Workshop, FSE '97, Haifa, Israel, January 20-22, 1997, Proceedings</em>, volume 1267 of <em>Lecture Notes in Computer Science</em>, pages 149–165. 1997. Springer. DOI: <a href="https://doi.org/10.1007/BFb0052343">10.1007/BFb0052343</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Joan+Daemen+Lars+R.+Knudsen+Vincent+Rijmen+The+Block+Cipher+Square+1997" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Joan+Daemen+Lars+R.+Knudsen+Vincent+Rijmen&title=The+Block+Cipher+Square&submittedafter=1996&submittedbefore=1998" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[DKS10]</div> <div><div id="ref-DBLP:conf/crypto/DunkelmanKS10" class="bibitem">Orr Dunkelman, Nathan Keller, and Adi Shamir. A Practical-Time Related-Key Attack on the KASUMI Cryptosystem Used in GSM and 3G Telephony. In Tal Rabin, editor, <em>Advances in Cryptology - CRYPTO 2010, 30th Annual Cryptology Conference, Santa Barbara, CA, USA, August 15-19, 2010. Proceedings</em>, volume 6223 of <em>Lecture Notes in Computer Science</em>, pages 393–410. 2010. Springer. DOI: <a href="https://doi.org/10.1007/978-3-642-14623-7_21">10.1007/978-3-642-14623-7_21</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Orr+Dunkelman+Nathan+Keller+Adi+Shamir+A+Practical-Time+Related-Key+Attack+on+the+KASUMI+Cryptosystem+Used+in+GSM+and+3G+Telephony+2010" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Orr+Dunkelman+Nathan+Keller+Adi+Shamir&title=A+Practical-Time+Related-Key+Attack+on+the+KASUMI+Cryptosystem+Used+in+GSM+and+3G+Telephony&submittedafter=2009&submittedbefore=2011" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[GJN<sup>+</sup>15]</div> <div><div id="ref-cryptoeprint:2015/1189" class="bibitem">Jian Guo, Jérémy Jean, Ivica Nikolic, Kexin Qiao, Yu Sasaki, and Siang Meng Sim. <a href="http://eprint.iacr.org/2015/1189">Invariant Subspace Attack Against Full Midori64</a>. <em>IACR Cryptol. ePrint Arch.</em>, 2015.</div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Jian+Guo+J%C3%A9r%C3%A9my+Jean+Ivica+Nikolic+Kexin+Qiao+Yu+Sasaki+Siang+Meng+Sim+Invariant+Subspace+Attack+Against+Full+Midori64+2015" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Jian+Guo+J%C3%A9r%C3%A9my+Jean+Ivica+Nikolic+Kexin+Qiao+Yu+Sasaki+Siang+Meng+Sim&title=Invariant+Subspace+Attack+Against+Full+Midori64&submittedafter=2014&submittedbefore=2016" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[GL16]</div> <div><div id="ref-10.1007/978-3-319-49890-4_16" class="bibitem">David Gérault and Pascal Lafourcade. Related-Key Cryptanalysis of Midori. In Orr Dunkelman and Somitra Kumar Sanadhya, editors, <em>Progress in Cryptology - INDOCRYPT 2016 - 17th International Conference on Cryptology in India, Kolkata, India, December 11-14, 2016, Proceedings</em>, volume 10095 of <em>Lecture Notes in Computer Science</em>, pages 287–304. 2016. DOI: <a href="https://doi.org/10.1007/978-3-319-49890-4_16">10.1007/978-3-319-49890-4_16</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=David+G%C3%A9rault+Pascal+Lafourcade+Related-Key+Cryptanalysis+of+Midori+2016" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=David+G%C3%A9rault+Pascal+Lafourcade&title=Related-Key+Cryptanalysis+of+Midori&submittedafter=2015&submittedbefore=2017" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[HWW20]</div> <div><div id="ref-DBLP:journals/tosc/HuWW20" class="bibitem">Kai Hu, Qingju Wang, and Meiqin Wang. Finding Bit-Based Division Property for Ciphers with Complex Linear Layers. <em>IACR Trans. Symmetric Cryptol.</em>, 2020(1):396–424, 2020. DOI: <a href="https://doi.org/10.13154/tosc.v2020.i1.396-424">10.13154/tosc.v2020.i1.396-424</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Kai+Hu+Qingju+Wang+Meiqin+Wang+Finding+Bit-Based+Division+Property+for+Ciphers+with+Complex+Linear+Layers+2020" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Kai+Hu+Qingju+Wang+Meiqin+Wang&title=Finding+Bit-Based+Division+Property+for+Ciphers+with+Complex+Linear+Layers&submittedafter=2019&submittedbefore=2021" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[JNP14]</div> <div><div id="ref-10.1007/978-3-662-45608-8_15" class="bibitem">Jérémy Jean, Ivica Nikolic, and Thomas Peyrin. Tweaks and Keys for Block Ciphers: The TWEAKEY Framework. In Palash Sarkar and Tetsu Iwata, editors, <em>Advances in Cryptology - ASIACRYPT 2014 - 20th International Conference on the Theory and Application of Cryptology and Information Security, Kaoshiung, Taiwan, R.O.C., December 7-11, 2014, Proceedings, Part II</em>, volume 8874 of <em>Lecture Notes in Computer Science</em>, pages 274–288. 2014. Springer. DOI: <a href="https://doi.org/10.1007/978-3-662-45608-8_15">10.1007/978-3-662-45608-8_15</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=J%C3%A9r%C3%A9my+Jean+Ivica+Nikolic+Thomas+Peyrin+Tweaks+and+Keys+for+Block+Ciphers%3A+The+TWEAKEY+Framework+2014" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=J%C3%A9r%C3%A9my+Jean+Ivica+Nikolic+Thomas+Peyrin&title=Tweaks+and+Keys+for+Block+Ciphers%3A+The+TWEAKEY+Framework&submittedafter=2013&submittedbefore=2015" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[LH94]</div> <div><div id="ref-LH94_DiffLin" class="bibitem">Susan K. Langford and Martin E. Hellman. Differential-Linear Cryptanalysis. In Yvo Desmedt, editor, <em>Advances in Cryptology - CRYPTO '94, 14th Annual International Cryptology Conference, Santa Barbara, California, USA, August 21-25, 1994, Proceedings</em>, volume 839 of <em>Lecture Notes in Computer Science</em>, pages 17–25. 1994. Springer. DOI: <a href="https://doi.org/10.1007/3-540-48658-5_3">10.1007/3-540-48658-5_3</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Susan+K.+Langford+Martin+E.+Hellman+Differential-Linear+Cryptanalysis+1994" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Susan+K.+Langford+Martin+E.+Hellman&title=Differential-Linear+Cryptanalysis&submittedafter=1993&submittedbefore=1995" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[LMMR21]</div> <div><div id="ref-DBLP:journals/tches/LeanderMMR21" class="bibitem">Gregor Leander, Thorben Moos, Amir Moradi, and Shahram Rasoolzadeh. The SPEEDY Family of Block Ciphers Engineering an Ultra Low-Latency Cipher from Gate Level for Secure Processor Architectures. <em>IACR Trans. Cryptogr. Hardw. Embed. Syst.</em>, 2021(4):510–545, 2021. DOI: <a href="https://doi.org/10.46586/tches.v2021.i4.510-545">10.46586/tches.v2021.i4.510-545</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Gregor+Leander+Thorben+Moos+Amir+Moradi+Shahram+Rasoolzadeh+The+SPEEDY+Family+of+Block+Ciphers+Engineering+an+Ultra+Low-Latency+Cipher+from+Gate+Level+for+Secure+Processor+Architectures+2021" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Gregor+Leander+Thorben+Moos+Amir+Moradi+Shahram+Rasoolzadeh&title=The+SPEEDY+Family+of+Block+Ciphers+Engineering+an+Ultra+Low-Latency+Cipher+from+Gate+Level+for+Secure+Processor+Architectures&submittedafter=2020&submittedbefore=2022" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[LS16]</div> <div><div id="ref-LS16-FSE-MDS" class="bibitem">Meicheng Liu and Siang Meng Sim. Lightweight MDS Generalized Circulant Matrices. In Thomas Peyrin, editor, <em>Fast Software Encryption - 23rd International Conference, FSE 2016, Bochum, Germany, March 20-23, 2016, Revised Selected Papers</em>, volume 9783 of <em>Lecture Notes in Computer Science</em>, pages 101–120. 2016. Springer. DOI: <a href="https://doi.org/10.1007/978-3-662-52993-5_6">10.1007/978-3-662-52993-5_6</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Meicheng+Liu+Siang+Meng+Sim+Lightweight+MDS+Generalized+Circulant+Matrices+2016" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Meicheng+Liu+Siang+Meng+Sim&title=Lightweight+MDS+Generalized+Circulant+Matrices&submittedafter=2015&submittedbefore=2017" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[QDW<sup>+</sup>22]</div> <div><div id="ref-DBLP:conf/asiacrypt/QinDWHW22" class="bibitem">Lingyue Qin, Xiaoyang Dong, Anyu Wang, Jialiang Hua, and Xiaoyun Wang. Mind the TWEAKEY Schedule: Cryptanalysis on SKINNYe-64-256. In Shweta Agrawal and Dongdai Lin, editors, <em>Advances in Cryptology - ASIACRYPT 2022 - 28th International Conference on the Theory and Application of Cryptology and Information Security, Taipei, Taiwan, December 5-9, 2022, Proceedings, Part I</em>, volume 13791 of <em>Lecture Notes in Computer Science</em>, pages 287–317. 2022. Springer. DOI: <a href="https://doi.org/10.1007/978-3-031-22963-3_10">10.1007/978-3-031-22963-3_10</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Lingyue+Qin+Xiaoyang+Dong+Anyu+Wang+Jialiang+Hua+Xiaoyun+Wang+Mind+the+TWEAKEY+Schedule%3A+Cryptanalysis+on+SKINNYe-64-256+2022" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Lingyue+Qin+Xiaoyang+Dong+Anyu+Wang+Jialiang+Hua+Xiaoyun+Wang&title=Mind+the+TWEAKEY+Schedule%3A+Cryptanalysis+on+SKINNYe-64-256&submittedafter=2021&submittedbefore=2023" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[Ras22]</div> <div><div id="ref-DBLP:journals/tosc/Rasoolzadeh22" class="bibitem">Shahram Rasoolzadeh. Low-Latency Boolean Functions and Bijective S-boxes. <em>IACR Trans. Symmetric Cryptol.</em>, 2022(3):403–447, 2022. DOI: <a href="https://doi.org/10.46586/TOSC.V2022.I3.403-447">10.46586/TOSC.V2022.I3.403-447</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Shahram+Rasoolzadeh+Low-Latency+Boolean+Functions+and+Bijective+S-boxes+2022" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Shahram+Rasoolzadeh&title=Low-Latency+Boolean+Functions+and+Bijective+S-boxes&submittedafter=2021&submittedbefore=2023" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[SA09]</div> <div><div id="ref-DBLP:conf/eurocrypt/SasakiA09" class="bibitem">Yu Sasaki and Kazumaro Aoki. Finding Preimages in Full MD5 Faster Than Exhaustive Search. In Antoine Joux, editor, <em>Advances in Cryptology - EUROCRYPT 2009, 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Cologne, Germany, April 26-30, 2009. Proceedings</em>, volume 5479 of <em>Lecture Notes in Computer Science</em>, pages 134–152. 2009. Springer. DOI: <a href="https://doi.org/10.1007/978-3-642-01001-9_8">10.1007/978-3-642-01001-9_8</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Yu+Sasaki+Kazumaro+Aoki+Finding+Preimages+in+Full+MD5+Faster+Than+Exhaustive+Search+2009" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Yu+Sasaki+Kazumaro+Aoki&title=Finding+Preimages+in+Full+MD5+Faster+Than+Exhaustive+Search&submittedafter=2008&submittedbefore=2010" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[SSH99]</div> <div><div id="ref-Sutherland1999LogicalED" class="bibitem">Ivan Sutherland, Bob Sproull, and David Harris. <em>Logical Effort: Designing Fast CMOS Circuits</em>. Morgan Kaufmann Publishers Inc., San Francisco, CA, USA 1999.</div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Ivan+Sutherland+Bob+Sproull+David+Harris+Logical+Effort%3A+Designing+Fast+CMOS+Circuits+1999" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Ivan+Sutherland+Bob+Sproull+David+Harris&title=Logical+Effort%3A+Designing+Fast+CMOS+Circuits&submittedafter=1998&submittedbefore=2000" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[TAY17]</div> <div><div id="ref-Tolba2017ImprovedMI" class="bibitem">Mohamed Tolba, Ahmed Abdelkhalek, and Amr M. Youssef. Improved Multiple Impossible Differential Cryptanalysis of Midori128. <em>IEICE Trans. Fundam. Electron. Commun. Comput. Sci.</em>, 100-A(8):1733–1737, 2017. DOI: <a href="https://doi.org/10.1587/TRANSFUN.E100.A.1733">10.1587/TRANSFUN.E100.A.1733</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Mohamed+Tolba+Ahmed+Abdelkhalek+Amr+M.+Youssef+Improved+Multiple+Impossible+Differential+Cryptanalysis+of+Midori128+2017" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Mohamed+Tolba+Ahmed+Abdelkhalek+Amr+M.+Youssef&title=Improved+Multiple+Impossible+Differential+Cryptanalysis+of+Midori128&submittedafter=2016&submittedbefore=2018" target="_blank" class="ms-3">ePrint</a> </div> <div class="d-flex"> <div style="min-width:9rem;">[XZBL16]</div> <div><div id="ref-DBLP:conf/asiacrypt/XiangZBL16" class="bibitem">Zejun Xiang, Wentao Zhang, Zhenzhen Bao, and Dongdai Lin. Applying MILP Method to Searching Integral Distinguishers Based on Division Property for 6 Lightweight Block Ciphers. In Jung Hee Cheon and Tsuyoshi Takagi, editors, <em>Advances in Cryptology - ASIACRYPT 2016 - 22nd International Conference on the Theory and Application of Cryptology and Information Security, Hanoi, Vietnam, December 4-8, 2016, Proceedings, Part I</em>, volume 10031 of <em>Lecture Notes in Computer Science</em>, pages 648–678. 2016. DOI: <a href="https://doi.org/10.1007/978-3-662-53887-6_24">10.1007/978-3-662-53887-6_24</a></div></div> </div> <div class="text-end mb-4"> <a href="https://scholar.google.com/scholar?hl=en&q=Zejun+Xiang+Wentao+Zhang+Zhenzhen+Bao+Dongdai+Lin+Applying+MILP+Method+to+Searching+Integral+Distinguishers+Based+on+Division+Property+for+6+Lightweight+Block+Ciphers+2016" target="_blank" class="ms-3">Google Scholar</a> <a href="https://eprint.iacr.org/search?relevance=on&authors=Zejun+Xiang+Wentao+Zhang+Zhenzhen+Bao+Dongdai+Lin&title=Applying+MILP+Method+to+Searching+Integral+Distinguishers+Based+on+Division+Property+for+6+Lightweight+Block+Ciphers&submittedafter=2015&submittedbefore=2017" target="_blank" class="ms-3">ePrint</a> </div> </div> <div class="col-12 col-md-4"> <p class="mt-4"> <a class="btn btn-outline-dark" href="/p/1/4/25/pdf"><img alt="PDF" class="icon" src="/images/file-pdf.svg">PDF</a> <img style="margin-left: 1rem;max-width: 1.2rem;" src="/images/open_access.svg" title="Open access" alt="Open access"> </p> <div class="my-4"> <span class="fw-bold me-2">DOI:</span> <a href="https://doi.org/10.62056/a63zzoja5">https://doi.org/10.62056/a63zzoja5</a> </div> <div class="card mb-4"> <h5 class="card-header">History</h5> <div class="card-body"> <strong>Submitted</strong>: 2024-10-08<br> <strong>Accepted</strong>: 2024-12-03<br> <strong>Published</strong>: 2025-01-13<br> <!-- begin crossmark --> <script src="https://crossmark-cdn.crossref.org/widget/v2.0/widget.js"></script> <a data-target="crossmark"><img style="margin-top:4px;" src="https://crossmark-cdn.crossref.org/widget/v2.0/logos/CROSSMARK_Color_horizontal.svg" width="150" /></a> <!-- end crossmark --> </div> </div> <div class="card mb-4"> <h5 class="card-header">How to cite</h5> <div class="card-body"> <p>Guoxiao Liu, Qingyuan Yu, Liyuan Tang, Shihe Ma, Congming Wei, Keting Jia, Lingyue Qin, Xiaoyang Dong, and Yantian Shen, Ultra Low-Latency Block Cipher uLBC. <span class="fst-italic">IACR Communications in Cryptology</span>, vol. 1, no. 4, Jan 13, 2025, doi: 10.62056/a63zzoja5. </p> <button type="button" id="citationModalLabel" class="float-end btn btn-outline-dark" data-bs-toggle="modal" data-bs-target="#citationModal"> BibTeX, etc </button> </div> </div> <div class="card mb-4"> <h5 class="card-header">License</h5> <div class="card-body"> <p>Copyright is held by the author(s)</p> <p> This work is licensed under a <a target="_blank" href="https://creativecommons.org/licenses/by/4.0/">Creative Commons Attribution (CC BY)</a> license. </p> </div> </div> </div> </div> <div class="modal fade" id="citationModal" tabindex="-1" aria-labelledby="citationModalLabel" aria-hidden="true"> <div class="modal-dialog modal-xl"> <div class="modal-content"> <div class="modal-header"> <h1 class="modal-title fs-3">How to cite this</h1> <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button> </div> <div class="modal-body p-4"> <ul class="nav nav-tabs" id="myTab" role="tablist"> <li class="nav-item" role="presentation"> <button class="nav-link active" id="bibtex-tab" data-bs-toggle="tab" data-bs-target="#bibtex-pane" type="button" role="tab" aria-controls="bibtex-pane" aria-selected="true">BibTeX</button> </li> <li class="nav-item" role="presentation"> <button class="nav-link" id="ris-tab" data-bs-toggle="tab" data-bs-target="#ris-pane" type="button" role="tab" aria-controls="ris-pane" aria-selected="false">RIS/Endnote/Zotero/Mendeley</button> </li> <li class="nav-item" role="presentation"> <button class="nav-link" id="text-tab" data-bs-toggle="tab" data-bs-target="#text-pane" type="button" role="tab" aria-controls="text-pane" aria-selected="false">Text</button> </li> </ul> <div class="tab-content p-4"> <div class="tab-pane active" id="bibtex-pane" role="tabpanel" aria-labelledby="bibtex-tab" tabindex="0"> <pre id="bib">@article{CiC-1-4-25, author = "Liu, Guoxiao and Yu, Qingyuan and Tang, Liyuan and Ma, Shihe and Wei, Congming and Jia, Keting and Qin, Lingyue and Dong, Xiaoyang and Shen, Yantian", journal = "{IACR} {C}ommunications in {C}ryptology", publisher = "{I}nternational {A}ssociation for {C}ryptologic {R}esearch", title = "Ultra Low-Latency Block Cipher u{LBC}", volume = "1", number = "4", date = "2025-01-13", year = "2025", issn = "3006-5496", doi = "10.62056/a63zzoja5" } </pre> <button id="bibtexcopy" class="btn btn-sm btn-primary" aria-label="Copy to clipboard" onclick="copyMetadata('bibtexcopy', 'bib')">Copy to clipboard</button> <button id="bibtexdownload" class="ms-3 btn btn-sm btn-primary" aria-label="Download BibTeX .bib file" onclick="sendCitation('bib')">Download .bib file</button> </div> <div class="tab-pane" id="ris-pane" role="tabpanel" aria-labelledby="ris-tab" tabindex="0"> <pre id="ris">TY - JOUR AU - Liu, Guoxiao AU - Yu, Qingyuan AU - Tang, Liyuan AU - Ma, Shihe AU - Wei, Congming AU - Jia, Keting AU - Qin, Lingyue AU - Dong, Xiaoyang AU - Shen, Yantian PY - 2025 TI - Ultra Low-Latency Block Cipher uLBC JF - IACR Communications in Cryptology JA - CIC VL - 1 IS - 4 DO - 10.62056/a63zzoja5 UR - https://doi.org/10.62056/a63zzoja5 AB - <p>In recent years, there has been a growing interest in low-latency ciphers. Since the first low-latency block cipher PRINCE was proposed at ASIACRYPT 2012, many low-latency primitives sprung up, such as Midori, MANTIS, QARMA and SPEEDY. Some ciphers, like SPEEDY and Orthros, introduce bit permutations to achieve reduced delay. However, this approach poses a challenge in evaluating the resistance against some cryptanalysis, especially differential and linear attacks. SPEEDY-7-192, was fully broken by Boura et.al. using differential attack, for example. In this paper, we manage to propose a novel low-latency block cipher, which guarantees security against differential and linear attacks. Revisiting the permutation technique used in Orthros, we investigate the selection of nibble permutations and propose a method for selecting them systematically rather than relying on random search. Our new nibble permutation method ensures the existence of impossible differential and differential trails for up to 8 rounds, while the nibble permutations for both branches of Orthros may lead to a 9-round impossible differential trail. Furthermore, we introduce a new approach for constructing low-latency coordinate functions for 4-bit S-boxes, which involves a more precise delay computation compared to traditional methods based solely on circuit depth. The new low-latency primitive uLBC we propose, is a family of 128-bit block ciphers, with three different versions of key length, respectively 128-bit and 256-bit key, as well as a 384-bit tweakey version with variable-length key. According to the key length, named uLBC-128, uLBC-256 and uLBC-384t. Our analysis shows that uLBC-128 exhibits lower latency and area requirements compared to ciphers such as QARMA9-128 and Midori128. On performance, uLBC-128 has excellent AT performance, the best performance except SPEEDY-6, and even the best performance in UMC 55nm in our experiments. </p> ER -</pre> <button id="riscopy" class="btn btn-sm btn-primary" aria-label="Copy to clipboard" onclick="copyMetadata('riscopy', 'ris')">Copy to clipboard</button> <button id="risdownload" class="ms-3 btn btn-sm btn-primary" aria-label="Download RIS file" onclick="sendCitation('ris')">Download .ris file</button> </div> <div class="tab-pane" id="text-pane" role="tabpanel" aria-labelledby="text-tab" tabindex="0"> <div class="w-75" id="textcitation">Guoxiao Liu, Qingyuan Yu, Liyuan Tang, Shihe Ma, Congming Wei, Keting Jia, Lingyue Qin, Xiaoyang Dong, and Yantian Shen, Ultra Low-Latency Block Cipher uLBC. <span class="fst-italic">IACR Communications in Cryptology</span>, vol. 1, no. 4, Jan 13, 2025, doi: 10.62056/a63zzoja5.</div> <button id="textcopy" class="btn btn-sm btn-primary mt-3" aria-label="Copy to clipboard" onclick="copyMetadata('textcopy', 'textcitation')">Copy to clipboard</button> </div> </div> </div> <div class="modal-footer"> <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button> </div> </div> </div> </div> <div class="modal fade" id="citationsModal" tabindex="-1" aria-labelledby="citationsModalLabel" aria-hidden="true"> <div class="modal-dialog modal-dialog-scrollable modal-lg"> <div class="modal-content"> <div class="modal-header"> <h1 class="modal-title fs-3">Known citations</h1> <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button> </div> <div class="modal-body p-4"> <p> We do not crawl the web, so we are only able to identify citations from papers that are registered with a DOI in crossref.org and the publisher reports their citations to crossref, and crossref can identify a DOI from the reference. That includes (most) articles from Springer and many from ACM, but it excludes citations from USENIX because they don't issue DOIs. It also excludes citations from arxiv and eprint. You may find more citations in <a href="https://scholar.google.com/scholar?hl=en&q=Ultra+Low-Latency+Block+Cipher+uLBC">Google Scholar</a>. </p> <ol> </ol> </div> <div class="modal-footer"> <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button> </div> </div> </div> </div> <script> function copyMetadata(buttid, id) { let range = document.createRange(); range.selectNode(document.getElementById(id)); window.getSelection().removeAllRanges(); window.getSelection().addRange(range); document.execCommand('copy'); window.getSelection().removeAllRanges(); const copyTooltip = new bootstrap.Tooltip('#' + buttid, {trigger: 'manual', title: 'Copied!'}); copyTooltip.show(); setTimeout(function() { copyTooltip.dispose(); }, 2000); } function sendCitation(typ) { // typ is 'bib' or 'ris' let data = document.getElementById(typ).innerHTML; atag = document.createElement('a'); atag.setAttribute('href', 'data:text/plain;charset=utf-8,' + encodeURIComponent(data)); atag.setAttribute('download', '1-4-25.' + typ); if (document.createEvent) { let event = document.createEvent('MouseEvents'); event.initEvent('click', true, true); atag.dispatchEvent(event); } else { atag.click(); } } </script> </main> <div class="container-fluid mt-auto" id="pageFooter"> </div> <footer class="text-center footer py-3"> <small> <a href="https://iacr.org/copyright.html">Copyright © 2025</a> <span class="d-none d-md-inline">by the </span><span class="d-md-none">IACR</span> <span class="d-none d-md-inline">International Association for Cryptologic Research</span> <span class="d-none d-md-inline">• </span><br class="d-md-none"> <a href="https://iacr.org/privacy.html">Privacy Policy</a> </small> </footer> <script id="results-template" type="text/x-handlebars-template"> <div class="p-3 shadow" style="margin-bottom:1rem;max-height:70vh;overflow-y:scroll"> <p>{{estimated_results}} results (if more than 100, then refine your query)</p> <ol> {{#each results}} <li role="presentation"><a href="{{url}}">{{title}}</a><br> {{#each authors }}{{this}}{{#unless @last}}, {{/unless}}{{/each}}</li> {{/each}} </ol> </div> </script> <script src="/static/js/handlebars-v4.7.7.js"></script> <script> var theTemplateScript = document.getElementById('results-template').innerHTML; var resultsTemplate = Handlebars.compile(theTemplateScript); var textinput = document.getElementById('searchbox'); // Returns a function, that, as long as it continues to be invoked, will not // be triggered. The function will be called after it stops being called for // N milliseconds. If `immediate` is passed, trigger the function on the // leading edge, instead of the trailing. function debounce(func, wait, immediate) { var timeout; return function() { var context = this, args = arguments; var later = function() { timeout = null; if (!immediate) func.apply(context, args); }; var callNow = immediate && !timeout; clearTimeout(timeout); timeout = setTimeout(later, wait); if (callNow) func.apply(context, args); }; }; let controller; let signal; var doSearch = debounce(function() { args = {'d': '/var/www/wsgi/cicjournal/webapp/search_index/xapian.db'} if (textinput.value) { args['q'] = textinput.value; if (controller !== undefined) { console.log('killing'); controller.abort(); } controller = new AbortController(); signal = controller.signal; let search_url = "https://cic.iacr.org/api/search" + "?" + new URLSearchParams(args); console.log(search_url); fetch(search_url, {signal}) .then((response) => response.json()) .then((data) => { console.log(data); let elem = document.getElementById('view'); if (elem) {elem.innerHTML = '';} if (data.results.length > 0) { document.getElementById('results').innerHTML = resultsTemplate(data); } else { document.getElementById('results').innerHTML = '<div class="p-3 shadow">no results</div>'; } controller = undefined; }).catch((error) => { console.log('error in fetch'); console.log(error); }); } else { console.log('no query'); } }, 500); // only after 250 ms. document.querySelectorAll('input').forEach((elem) => { elem.addEventListener('input', doSearch); }); </script> </body> </html>