S-box pipelining using genetic algorithms for high-throughput AES implementations: How fast can we go?, by Lejla Batina and Domagoj Jakobovic and Nele Mentens and Stjepan Picek and Antonio de la Piedr
In the last few years, several practitioners have proposed a
wide range of approaches for reducing the implementation area of the
AES in hardware. However, an area-throughput trade-off that undermines high-speed is not realistic for real-time cryptographic applications. In this manuscript, we explore how Genetic Algorithms (GAs) can be used for pipelining the AES substitution box based on composite field arithmetic. We implemented a framework that parses and analyzes a Verilog netlist, abstracts it as a graph of interconnected cells and generates circuit statistics on its elements and paths. With this information, the GA extracts the appropriate arrangement of Flip-Flops (FFs) that maximizes the throughput of the given netlist. In doing so, we show that it is possible to achieve a 50 % improvement in throughput with only an 18 % increase in area in the UMC 0.13 um low-leakage standard cell library.
Cube Attacks and Cube-attack-like Cryptanalysis on the Round-reduced Keccak Sponge Function, by Itai Dinur and Pawel Morawiecki and Josef Pieprzyk and Marian Srebrny and Michal Straus
In this paper, we comprehensively study the resistance of keyed variants of SHA-3 (Keccak) against algebraic attacks. This analysis covers a wide range of key recovery, MAC forgery and other types of attacks, breaking up to 9 rounds (out of the full 24) of the Keccak internal permutation much faster than exhaustive search. Moreover, some of our attacks on the 6-round Keccak are completely practical and were verified on a desktop PC. Our methods combine cube attacks (an algebraic key recovery attack) and related algebraic techniques with structural analysis of the Keccak permutation. These techniques should be useful in future cryptanalysis of Keccak and similar designs.
Although our attacks break more rounds than previously published techniques, the security margin of Keccak remains large. For Keyak -- a Keccak-based authenticated encryption scheme -- the nominal number of rounds is 12 and therefore its security margin is smaller (although still sufficient).
A comprehensive empirical comparison of parallel ListSieve and GaussSieve, by Artur Mariano and Ozgur Dagdelen and Christian Bischof
The security of lattice-based cryptosystems is determined by
the performance of practical implementations of, among others, algo-
rithms for the Shortest Vector Problem (SVP).
In this paper, we conduct a comprehensive, empirical comparison of two
SVP-solvers: ListSieve and GaussSieve. We also propose a practical par-
allel implementation of ListSieve, which achieves super-linear speedups
on multi-core CPUs, with efficiency levels as high as 183%. By compar-
ing our implementation with a parallel implementation of GaussSieve, we
show that ListSieve can, in fact, outperform GaussSieve for a large num-
ber of threads, thus answering a question that was still open to this day.
Square Span Programs with Applications to Succinct NIZK Arguments, by George Danezis and Cedric Fournet and Jens Groth and Markulf Kohlweiss
We propose a new characterization of NP using square span programs
(SSPs). We first characterize NP as affine map constraints on small
vectors. We then relate this characterization to SSPs, which are
similar but simpler than Quadratic Span Programs (QSPs) and
Quadratic Arithmetic Programs (QAPs) since they use a single series
of polynomials rather than 2 or 3.
We use SSPs to construct succinct non-interactive zero-knowledge
arguments of knowledge. For performance, our proof system is
defined over Type III bilinear groups; proofs consist of just 4
group elements, verified in just 6 pairings. Concretely, using the
Pinocchio libraries, we estimate that proofs will consist of 160
bytes verified in less than 6 ms.