View More View Less
  • 1 FEI STU, Ilkovičova 3, 812-19 Bratislava, Slovakia
Restricted access

Purchase article

USD  $25.00

1 year subscription (Individual Only)

USD  $800.00

Multiplicative complexity is the minimum number of AND-gates required to implement a given Boolean function in (AND, XOR) algebra. It is a good measure of a hardware complexity of an S-box, but an S-box cannot have too low multiplicative complexity due to security constraints. In this article we focus on generic constructions that can be used to find good n×n S-boxes with low multiplicative complexity. We tested these constructions in the specific case when n = 8. We were able to find 8 × 8 S-boxes with multiplicative complexity at most 16 (which is half of the known bound on multiplicative complexity of the AES S-box), while providing a reasonable resistance against linear and differential cryptanalysis.

  • [1]

    Ballet, S. and Pieltant, J., On the tensor rank of multiplication in any extension of f2, Journal of Complexity, 27(2) (2011), 230245. DOI 0885064X11000094

    • Search Google Scholar
    • Export Citation
  • [2]

    Bertoni, G., Daemen, J., Peeters, M. and Van Assche, G., Keccak sponge function family main document, Submission to NIST (Round 2), 3 (2009).

    • Search Google Scholar
    • Export Citation
  • [3]

    Bilgin, B., Nikova, S., Nikov, V., Rijmen, V. and Stütz, G., Threshold implementations of all 3 ×3 and 4 × 4 S-boxes, in: E. Prouff, P. Schaumont (eds.) CHES, Lecture Notes in Computer Science, vol. 7428, Springer (2012), pp. 7691.

    • Search Google Scholar
    • Export Citation
  • [4]

    Biryukov, A., Cannière, C. D., Braeken, A. and Preneel, B., A toolbox for cryptanalysis: Linear and affine equivalence algorithms, in: E. Biham (ed.) Advances in Cryptology – EUROCRYPT 2003, Lecture Notesin Computer Science, vol. 2656, Springer-Verlag (2003), pp. 3350. URL

    • Search Google Scholar
    • Export Citation
  • [5]

    Bogdanov, A., Knudsen, L. R., Leander, G., Paar, C., Poschmann, A., Robshaw, M. J. B., Seurin, Y. and Vikkelsoe, C., PRESENT: An ultra-lightweight block cipher, in: P. Paillier, I. Verbauwhede (eds.) CHES, LectureNotes in Computer Science, vol. 4727, Springer (2007), pp. 450466.

    • Search Google Scholar
    • Export Citation
  • [6]

    Boyar, J. and Peralta, R., Tight bounds for the multiplicative complexity of symmetric functions, Theor. Comput. Sci., 396(13) (2008), 223246. DOI 10.1016/j.tcs.2008.01.030. URL

    • Search Google Scholar
    • Export Citation
  • [7]

    Boyar, J. and Peralta, R., A new combinational logic minimization technique with applications to cryptology, SEA (2010), pp. 178189

  • [8]

    Boyar, J., Peralta, R. and Pochuev, D., On the multiplicative complexity of boolean functions over the basis (∧,⊕, 1), Theoretical Computer Science, 235(1) (2000), 4357.

    • Search Google Scholar
    • Export Citation
  • [9]

    Bulygin, S., More on linear hulls of present-like ciphers and a cryptanalysis of fullround epcbc-96, Cryptology ePrint Archive, Report 2013/028 (2013). URL

    • Search Google Scholar
    • Export Citation
  • [10]

    Carlet, C., Goubin, L., Prouff, E., Quisquater, M. and Rivain, M., Higherorder masking schemes for S-boxes, in: Fast Software Encryption, Springer (2012), pp. 366384.

    • Search Google Scholar
    • Export Citation
  • [11]

    Courtois, N., Hulme, D. and Mourouzis, T., Solving circuit optimisation problems in cryptography and cryptanalysis, Cryptology ePrint Archive, Report 2011/475 (2011).

    • Search Google Scholar
    • Export Citation
  • [12]

    Daemen, J. and Rijmen, V., The Design of Rijndael. Springer (2002)

    • Export Citation
  • [13]

    Grosek, O., Magliveras, S., Tapuska, J. and Wei, W., Is Rijndael really independent of the field polynomial? Tatra Mountains Mathematical Publications, 33(1) (2006), 5169.

    • Search Google Scholar
    • Export Citation
  • [14]

    Kocher, P. C., Jaffe, J. and Jun, B., Differential power analysis, in: Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology, CRYPTO ′99, Springer-Verlag, London, UK, UK (1999). pp. 388397. URL

    • Search Google Scholar
    • Export Citation
  • [15]

    Mirwald, R. and Schnorr, C., The multiplicative complexity of quadratic boolean forms, Theoretical Computer Science, 102(2) (1992), 307328. DOI 10.1016/0304-3975(92)90235-8. URL

    • Search Google Scholar
    • Export Citation
  • [16]

    Nyberg, K., Differentially uniform mappings for cryptography, in: T. Helleseth (ed.) Advances in Cryptology – EUROCRYPT ′93, Lecture Notes in ComputerScience, vol. 765 Springer, Berlin, Heidelberg (1994), pp. 5564. DOI 10.1007/3-540-48285-7_6. URL

    • Search Google Scholar
    • Export Citation
  • [17]

    Schneier, B., Kelsey, J., Whiting, D., Wagner, D., Hall, C. and Ferguson, N., Twofish: A 128-bit block cipher, NIST AES Proposal, 15 (1998).

    • Search Google Scholar
    • Export Citation
  • [18]

    Wu, H., The hash function jh, submission to NIST (updated) (2009).

  • [19]

    Yarkin Doröz Aria Shahverdi, T. E. and Sunar, B., Toward practical homomorphic evaluation of block ciphers using Prince, Cryptology ePrint Archive, Report 2014/233 (2014). URL

    • Search Google Scholar
    • Export Citation
  • [20]

    Zajac, P., A new method to solve MRHS equation systems and its connection to group factorization, Journal of Mathematical Cryptology, 7(4) (2013), 279381. DOI 10.1515/jmc-2013-5012

    • Search Google Scholar
    • Export Citation
  • [21]

    Zajac, P. and Jókay, M., Multiplicative complexity of bijective 4 × 4 s-boxes, Cryptography and Communications, 6(3) (2014), 255277. DOI 10.1007/s12095-014-0100-y. URL

    • Search Google Scholar
    • Export Citation

The author instruction is available in PDF.

Please, download the file from HERE

Manuscript submission: HERE


  • Impact Factor (2019): 0.486
  • Scimago Journal Rank (2019): 0.234
  • SJR Hirsch-Index (2019): 23
  • SJR Quartile Score (2019): Q3 Mathematics (miscellaneous)
  • Impact Factor (2018): 0.309
  • Scimago Journal Rank (2018): 0.253
  • SJR Hirsch-Index (2018): 21
  • SJR Quartile Score (2018): Q3 Mathematics (miscellaneous)

Language: English, French, German

Founded in 1966
Publication: One volume of four issues annually
Publication Programme: 2020. Vol. 57.
Indexing and Abstracting Services:

  • CompuMath Citation Index
  • Mathematical Reviews
  • Referativnyi Zhurnal/li>
  • Research Alert
  • Science Citation Index Expanded (SciSearch)/li>
  • The ISI Alerting Services


Subscribers can access the electronic version of every printed article.

Senior editors

Editor(s)-in-Chief: Pálfy Péter Pál

Managing Editor(s): Sági, Gábor

Editorial Board

  • Biró, András (Number theory)
  • Csáki, Endre (Probability theory and stochastic processes, Statistics)
  • Domokos, Mátyás (Algebra (Ring theory, Invariant theory))
  • Győri, Ervin (Graph and hypergraph theory, Extremal combinatorics, Designs and configurations)
  • O. H. Katona, Gyula (Combinatorics)
  • Márki, László (Algebra (Semigroup theory, Category theory, Ring theory))
  • Némethi, András (Algebraic geometry, Analytic spaces, Analysis on manifolds)
  • Pach, János (Combinatorics, Discrete and computational geometry)
  • Rásonyi, Miklós (Probability theory and stochastic processes, Financial mathematics)
  • Révész, Szilárd Gy. (Analysis (Approximation theory, Potential theory, Harmonic analysis, Functional analysis))
  • Ruzsa, Imre Z. (Number theory)
  • Soukup, Lajos (General topology, Set theory, Model theory, Algebraic logic, Measure and integration)
  • Stipsicz, András (Low dimensional topology and knot theory, Manifolds and cell complexes, Differential topology)
  • Szász, Domokos (Dynamical systems and ergodic theory, Mechanics of particles and systems)
  • Tóth, Géza (Combinatorial geometry)

Gábor Sági
Address: P.O. Box 127, H–1364 Budapest, Hungary
Phone: (36 1) 483 8344 ---- Fax: (36 1) 483 8333