Simpira v2: A family of efficient permutations using the AES round function

Shay Gueron, Nicky Mouha

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

This paper introduces Simpira, a family of cryptographic permutations that supports inputs of 128 × b bits, where b is a positive integer. Its design goal is to achieve high throughput on virtually all modern 64-bit processors, that nowadays already have native instructions for AES. To achieve this goal, Simpira uses only one building block: the AES round function. For b = 1, Simpira corresponds to 12-round AES with fixed round keys, whereas for b ≥ 2, Simpira is a Generalized Feistel Structure (GFS) with an F-function that consists of two rounds of AES. We claim that there are no structural distinguishers for Simpira with a complexity below 2128, and analyze its security against a variety of attacks in this setting. The throughput of Simpira is close to the theoretical optimum, namely, the number of AES rounds in the construction. For example, on the Intel Skylake processor, Simpira has throughput below 1 cycle per byte for b ≤ 4 and b = 6. For larger permutations, where moving data in memory has a more pronounced effect, Simpira with b = 32 (512 byte inputs) evaluates 732 AES rounds, and performs at 824 cycles (1.61 cycles per byte), which is less than 13% off the theoretical optimum. If the data is stored in interleaved buffers, this overhead is reduced to less than 1%. The Simpira family offers an efficient solution when processing wide blocks, larger than 128 bits, is desired.

Original languageEnglish
Title of host publicationAdvances in Cryptology - ASIACRYPT 2016 - 22nd International Conference on the Theory and Application of Cryptology and Information Security, Proceedings
EditorsJung Hee Cheon, Tsuyoshi Takagi
PublisherSpringer Verlag
Pages95-125
Number of pages31
ISBN (Print)9783662538869
DOIs
StatePublished - 2016
Event22nd International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2016 - Hanoi, Viet Nam
Duration: 4 Dec 20168 Dec 2016

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10031 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference22nd International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2016
Country/TerritoryViet Nam
CityHanoi
Period4/12/168/12/16

Bibliographical note

Publisher Copyright:
© International Association for Cryptologic Research 2016.

Keywords

  • AES-NI
  • Beyond birthday-bound (BBB) security
  • Cryptographic permutation
  • Even-Mansour
  • Generalized Feistel structure (GFS)
  • Hash function
  • Lamport signature
  • Wide-block encryption

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'Simpira v2: A family of efficient permutations using the AES round function'. Together they form a unique fingerprint.

Cite this