The design of Xoodoo and Xoofff

This paper presents Xoodoo, a 48-byte cryptographic permutation with excellent propagation properties. Its design approach is inspired by Keccak-p, while it is dimensioned like Gimli for efficiency on low-end processors. The structure consists of three planes of 128 bits each, which interact per 3-...


Bibliographic Details
Main Authors: Joan Daemen, Seth Hoffert, Gilles Van Assche, Ronny Van Keer
Format: Article
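Language: English
Published: Ruhr-Universität Bochum 2018-12-01
Series: IACR Transactions on Symmetric Cryptology
Subjects: permutation-based cryptography; Farfalle; deck function; differential; cryptanalysis; linear cryptanalysis
Online Access: https://tosc.iacr.org/index.php/ToSC/article/view/7359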
id doaj-bcf02c1b37274dd28cfb91cc9480f965
record_format Article
spelling doaj-bcf02c1b37274dd28cfb91cc9480f965; 2021-03-02T10:27:29Z; eng; Ruhr-Universität Bochum; IACR Transactions on Symmetric Cryptology; 2519-173X; 2018-12-01; 2018; 4; 10.13154/tosc.v2018.i4.1-38; The design of Xoodoo and Xoofff; Joan Daemen (Radboud University); Seth Hoffert; Gilles Van Assche (STMicroelectronics); Ronny Van Keer (STMicroelectronics)
collection DOAJ
language English
format Article
sources DOAJ
author Joan Daemen
Seth Hoffert
Gilles Van Assche
Ronny Van Keer
title The design of Xoodoo and Xoofff
publisher Ruhr-Universität Bochum
series IACR Transactions on Symmetric Cryptology
issn 2519-173X
publishDate 2018-12-01
description This paper presents Xoodoo, a 48-byte cryptographic permutation with excellent propagation properties. Its design approach is inspired by Keccak-p, while it is dimensioned like Gimli for efficiency on low-end processors. The structure consists of three planes of 128 bits each, which interact per 3-bit columns through mixing and nonlinear operations, and which otherwise move as three independent rigid objects. We analyze its differential and linear propagation properties and, in particular, prove lower bounds on the weight of trails using the tree search-based technique of Mella et al. (ToSC 2017). Xoodoo’s primary target application is in the Farfalle construction that we instantiate for the doubly-extendable cryptographic keyed (or deck) function Xoofff. Combining a relatively narrow permutation with the parallelism of Farfalle results in very efficient schemes on a wide range of platforms, from low-end devices to high-end processors with vector instructions.
topic permutation-based cryptography
Farfalle
deck function
differential
cryptanalysis
linear cryptanalysis
url https://tosc.iacr.org/index.php/ToSC/article/view/7359