SYNTHESIS OF PSEUDO-DYNAMIC FUNCTIONS PD-sbox-ARX-32
Abstract
The aim of this work is to develop a method for synthesizing optimal 32-bit pseudo-dynamic functions PD-sbox-ARX-32 that satisfy conflicting requirements on the cryptographic characteristics of the structure under consideration. Methods for synthesizing classical S-boxes are reviewed, including evolutionary and genetic methods. Requirements on cryptographic characteristics are formulated both for the PD-sbox functions and for their constituent elements (a classical S-box and ARX functions). A two-stage method for synthesizing the pseudo-dynamic functions PD-sbox-ARX-32 is proposed: 1) a heuristic search for a structure that meets the conflicting requirements on the resulting cryptographic characteristics, on the software and hardware resources consumed, and on the speed of the function; 2) a search for optimal parameters of the main element of PD-sbox-ARX-32, the ARX functions, by an evolutionary method whose essence is the selection of the cyclic shift values in the ARX functions. As a result, a set of four ARX functions for the pseudo-dynamic transformation of PD-sbox-ARX-32 was obtained, with the weight of linear characteristics equal to and the weight of differential characteristics equal to (the empirical weight in this case being ). The weights of the cryptographic characteristics were determined by methods based on SAT solvers. The paper concludes that the chosen structure of the 32-bit ARX function in the PD-sbox yields a critical path (the maximum number of sequential addition operations modulo ) four times shorter than that of the 8-iteration 32-bit Alzette-like structure, at the cost of twice the number of operations and with comparable maximum weights of the differential and linear characteristics. A similar result is obtained when comparing the 32-bit ARX function with the 8-iteration 32-bit transformation from the Speck32 block cipher.
The proposed method for synthesizing the parameters of the 32-bit ARX function makes it possible to minimize the number of assembler instructions spent on cyclic shift operations when the function is implemented on low-resource 8-bit AVR microcontrollers (for example the ATmega328P).
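As an added worked example (not code from the paper), the following Python script shows the building blocks the abstract refers to: a Speck-style ARX iteration with free rotation parameters, validated against the published Speck32/64 test vector with the official rotations (7, 2); a keyless r-iteration chain whose critical path is r sequential modular additions; a sampling-based ("empirical") estimate of differential weight; and a small evolutionary search over the cyclic-shift values. The ARX step shape, the fitness definition (minimum empirical weight over all single-bit input differences) and the search parameters are assumptions made for illustration; the paper's actual PD-sbox structure, its SAT-based exact weight computation and its four selected ARX functions are not reproduced here.

```python
import math
import random
from typing import Callable, Dict, List, Tuple

W = 16                    # half-block width: two 16-bit halves form the 32-bit state
MASK = (1 << W) - 1
Pair = Tuple[int, int]


def rol(x: int, r: int) -> int:
    r %= W
    return ((x << r) | (x >> (W - r))) & MASK


def ror(x: int, r: int) -> int:
    r %= W
    return ((x >> r) | (x << (W - r))) & MASK


def arx_step(x: int, y: int, k: int, alpha: int, beta: int) -> Pair:
    """One Speck-style ARX iteration (assumed shape for this example):
    x' = ((x >>> alpha) + y) XOR k,  y' = (y <<< beta) XOR x'.
    The modular addition is the only non-linear operation, so each iteration
    adds exactly one addition to the critical path."""
    x = ((ror(x, alpha) + y) & MASK) ^ k
    y = rol(y, beta) ^ x
    return x, y


# --- reference check: Speck32/64 with the official rotations (alpha, beta) = (7, 2) ---

def speck32_64_round_keys(key: List[int]) -> List[int]:
    """Speck32/64 key schedule (22 rounds). `key` holds the four 16-bit words as
    printed in the specification's test vector, most significant word first."""
    l = [key[2], key[1], key[0]]
    k = [key[3]]
    for i in range(21):
        l_next, k_next = arx_step(l[i], k[i], i, 7, 2)   # same ARX step, round index as constant
        l.append(l_next)
        k.append(k_next)
    return k


def speck32_64_encrypt(pt: Pair, key: List[int]) -> Pair:
    x, y = pt
    for rk in speck32_64_round_keys(key):
        x, y = arx_step(x, y, rk, 7, 2)
    return x, y


# --- keyless r-iteration ARX transformation with free rotation parameters ---

def arx_iterations(x: int, y: int, rounds: int, alpha: int, beta: int) -> Pair:
    """`rounds` chained iterations; round keys are replaced by the round index.
    XOR with a constant does not change XOR differences, so the differential
    behaviour depends only on (alpha, beta) and the iteration count.
    Critical path of this chain = `rounds` sequential modular additions."""
    for i in range(rounds):
        x, y = arx_step(x, y, i, alpha, beta)
    return x, y


def empirical_diff_weight(f: Callable[[int, int], Pair], in_diff: Pair,
                          samples: int, rng: random.Random) -> Tuple[Pair, float]:
    """Most frequent output XOR difference for `in_diff` over `samples` random
    input pairs, and its empirical weight log2(1/p).  A sampling estimate only:
    exact weights, as in the paper, need a SAT solver or full enumeration."""
    dx, dy = in_diff
    counts: Dict[Pair, int] = {}
    for _ in range(samples):
        x, y = rng.getrandbits(W), rng.getrandbits(W)
        ax, ay = f(x, y)
        bx, by = f(x ^ dx, y ^ dy)
        d = (ax ^ bx, ay ^ by)
        counts[d] = counts.get(d, 0) + 1
    best = max(counts, key=counts.get)
    return best, math.log2(samples / counts[best])


def min_weight_single_bit(alpha: int, beta: int, rounds: int,
                          samples: int, rng: random.Random) -> float:
    """Fitness of a rotation pair (assumed for this example): the smallest
    empirical weight over all 32 single-bit input differences; higher is better."""
    f = lambda x, y: arx_iterations(x, y, rounds, alpha, beta)
    diffs = [(1 << i, 0) for i in range(W)] + [(0, 1 << i) for i in range(W)]
    return min(empirical_diff_weight(f, d, samples, rng)[1] for d in diffs)


def evolve_shifts(rounds: int, generations: int, population: int,
                  samples: int, seed: int) -> Tuple[Pair, float]:
    """(1+lambda)-style evolutionary search over (alpha, beta) in 1..W-1:
    keep the best pair found so far and mutate it into `population` children
    per generation (hypothetical search loop; the paper's own operator differs)."""
    rng = random.Random(seed)
    best = (rng.randrange(1, W), rng.randrange(1, W))
    best_fit = min_weight_single_bit(best[0], best[1], rounds, samples, rng)
    for _ in range(generations):
        for _ in range(population):
            cand = tuple(max(1, min(W - 1, v + rng.choice((-2, -1, 1, 2)))) for v in best)
            fit = min_weight_single_bit(cand[0], cand[1], rounds, samples, rng)
            if fit > best_fit:
                best, best_fit = cand, fit
    return best, best_fit


if __name__ == "__main__":
    # Official Speck32/64 test vector: key 1918 1110 0908 0100, pt 6574 694c -> ct a868 42f2
    print(speck32_64_encrypt((0x6574, 0x694C), [0x1918, 0x1110, 0x0908, 0x0100]))
    print(evolve_shifts(rounds=4, generations=6, population=4, samples=128, seed=1))
```

Two caveats worth keeping in mind when reading the output. With `samples` random pairs the empirical weight can never exceed log2(samples), so a short run says nothing about characteristics heavier than that; increasing the sample count or replacing the estimate with a SAT-based exact weight, as the abstract describes, is what makes the fitness meaningful for 8 iterations. And the differential with input difference (0, 0x8000) passes one iteration with probability 1 regardless of the rotation amounts, because adding 0x8000 modulo 2^16 is the same as XORing it; a fitness restricted to single-bit differences therefore only becomes informative once several iterations are chained.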