More Inputs Makes Difference: Implementations of Linear Layers Using Gates with More Than Two Inputs
DOI:
https://doi.org/10.46586/tosc.v2022.i2.351-378Keywords:
Lightweight Cryptography, Linear Layers, Low Area, AESAbstract
Lightweight cryptography ensures cryptography applications to devices with limited resources. Low-area implementations of linear layers usually play an essential role in lightweight cryptography. The previous works have provided plenty of methods to generate low-area implementations using 2-input xor gates for various linear layers. However, it is still challenging to search for smaller implementations using two or more inputs xor gates. This paper, inspired by Banik et al., proposes a novel approach to construct a quantity of lower area implementations with (n + 1)- input gates based on the given implementations with n-input gates. Based on the novel algorithm, we present the corresponding search algorithms for n = 2 and n = 3, which means that we can efficiently convert an implementation with 2-input xor gates and 3-input xor gates to lower-area implementations with 3-input xor gates and 4-input xor gates, respectively.
We improve the previous implementations of linear layers for many block ciphers according to the area with these search algorithms. For example, we achieve a better implementation with 4-input xor gates for AES MixColumns, which only requires 243 GE in the STM 130 nm library, while the previous public result is 258.9 GE. Besides, we obtain better implementations for all 5500 lightweight matrices proposed by Li et al. at FSE 2019, and the area for them is decreased by about 21% on average.
Published
Issue
Section
License
Copyright (c) 2022 Qun Liu, Weijia Wang, Ling Sun, Yanhong Fan, Lixuan Wu, Meiqin Wang
This work is licensed under a Creative Commons Attribution 4.0 International License.