Lightweight Linear Layers with High Branch Number for Ascon-Like Permutations
DOI: https://doi.org/10.54654/isj.v1i27.6404
Keywords: Lightweight cryptography, linear layer, branch number, XOR and rotation, permutation, Ascon, column parity mixer, multiple rows mixer
Abstract
The linear layer is a fundamental building block of substitution-permutation network (SPN) based ciphers, responsible for the diffusion of differences and linear masks across the state. In this paper, we analyze and evaluate several lightweight linear layers through the lens of branch number theory, focusing on constructions that rely solely on XOR operations and cyclic rotations, such as the Column Parity Mixer (CPM), the Twin Column Parity Mixer (TCPM), the Symmetric Twin Column Parity Mixer (STCPM), and the Multiple Rows Mixer (MRM). Based on these analyses, we propose new linear layers that achieve higher branch numbers while requiring fewer XOR operations than existing designs. We then evaluate the proposed constructions when instantiated in Ascon-like permutations operating on a 5 × 64-bit state, comparing them with Ascon, Gaston, Gaston-S, and Hsilu in terms of trail weight bounds. Our results confirm that the proposed linear layers achieve a column differential branch number of 7 at 2.8 XOR/bit (Construction 1), a branch number of 7 with improved linear resistance at 3 XOR/bit (Construction 2), and a branch number of 17 at 4 XOR/bit (Construction 3). In particular, the final structure provides a substantially higher column branch number than TCPM and STCPM at a similar XOR implementation cost.
Open Access Policy
The Journal of Science and Technology on Information Security provides open access to its published articles to broaden opportunities for high-quality research findings to be available and widely disseminated free of charge, contributing to the greater exchange of knowledge.
Open access statement: CTUJoS permits everyone to read, download, copy, distribute, print, search, or link to the full texts of the published articles without registration, price barriers, or asking for permission from the Journal or the author.