TY - GEN
T1 - PIPO
T2 - 23rd International Conference on Information Security and Cryptology, ICISC 2020
AU - Kim, Hangi
AU - Jeon, Yongjin
AU - Kim, Giyoon
AU - Kim, Jongsung
AU - Sim, Bo Yeon
AU - Han, Dong Guk
AU - Seo, Hwajeong
AU - Kim, Seonggyeom
AU - Hong, Seokhie
AU - Sung, Jaechul
AU - Hong, Deukjo
N1 - Publisher Copyright:
© 2021, Springer Nature Switzerland AG.
PY - 2021
Y1 - 2021
N2 - In this paper, we introduce a new lightweight 64-bit block cipher PIPO (PIPO stands for “Plug-In” and “Plug-Out”, representing its use in side-channel protected and unprotected environments, respectively.) supporting a 128 or 256-bit key. It is a byte-oriented and bitsliced cipher that offers excellent performance in 8-bit AVR software implementations. In particular, PIPO allows for efficient higher-order masking implementations, since it uses a minimal number of nonlinear operations. Our implementations demonstrate that PIPO outperforms existing block ciphers (for the same block and key lengths) in both side-channel protected and unprotected environments, on an 8-bit AVR. Furthermore, PIPO records competitive round-based hardware implementations. For the nonlinear layer of PIPO, we have developed a new lightweight 8-bit S-box that provides an efficient bitsliced implementation including only 11 nonlinear bitwise operations. Furthermore, its differential and linear branch numbers are both 3. This characteristic enables PIPO to thwart differential and linear attacks with fewer rounds. The security of PIPO has been scrutinized with regards to state-of-the-art cryptanalysis.
AB - In this paper, we introduce a new lightweight 64-bit block cipher PIPO (PIPO stands for “Plug-In” and “Plug-Out”, representing its use in side-channel protected and unprotected environments, respectively.) supporting a 128 or 256-bit key. It is a byte-oriented and bitsliced cipher that offers excellent performance in 8-bit AVR software implementations. In particular, PIPO allows for efficient higher-order masking implementations, since it uses a minimal number of nonlinear operations. Our implementations demonstrate that PIPO outperforms existing block ciphers (for the same block and key lengths) in both side-channel protected and unprotected environments, on an 8-bit AVR. Furthermore, PIPO records competitive round-based hardware implementations. For the nonlinear layer of PIPO, we have developed a new lightweight 8-bit S-box that provides an efficient bitsliced implementation including only 11 nonlinear bitwise operations. Furthermore, its differential and linear branch numbers are both 3. This characteristic enables PIPO to thwart differential and linear attacks with fewer rounds. The security of PIPO has been scrutinized with regards to state-of-the-art cryptanalysis.
KW - Differential and linear branch numbers
KW - Higher-order masking
KW - Lightweight S-boxes
KW - PIPO
UR - http://www.scopus.com/inward/record.url?scp=85102642279&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-68890-5_6
DO - 10.1007/978-3-030-68890-5_6
M3 - Conference contribution
AN - SCOPUS:85102642279
SN - 9783030688899
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 99
EP - 122
BT - 23rd International Conference, 2020, Proceedings
A2 - Hong, Deukjo
PB - Springer Science and Business Media Deutschland GmbH
Y2 - 2 December 2020 through 4 December 2020
ER -