Orthros: A Low-Latency PRF

We present Orthros, a 128-bit block pseudorandom function. It is designed with primary focus on latency of fully unrolled circuits. For this purpose, we adopt a parallel structure comprising two keyed permutations. The round function of each permutation is similar to Midori, a low-energy block ciphe...

Full description

Saved in:
Bibliographic Details
Published inIACR Transactions on Symmetric Cryptology Vol. 2021; no. 1; pp. 37 - 77
Main Authors Banik, Subhadeep, Isobe, Takanori, Liu, Fukang, Minematsu, Kazuhiko, Sakamoto, Kosei
Format Journal Article
LanguageEnglish
Published Ruhr-Universität Bochum 19.03.2021
Subjects
Lightweight Cryptography
Low Latency
Pseudorandom Function
Sum of Permutations
Online AccessGet full text

Cover

More Information
Summary:We present Orthros, a 128-bit block pseudorandom function. It is designed with primary focus on latency of fully unrolled circuits. For this purpose, we adopt a parallel structure comprising two keyed permutations. The round function of each permutation is similar to Midori, a low-energy block cipher, however we thoroughly revise it to reduce latency, and introduce different rounds to significantly improve cryptographic strength in a small number of rounds. We provide a comprehensive, dedicated security analysis. For hardware implementation, Orthros achieves the lowest latency among the state-of-the-art low-latency primitives. For example, using the STM 90nm library, Orthros achieves a minimum latency of around 2.4 ns, while other constructions like PRINCE, Midori-128 and QARMA9-128- σ0 achieve 2.56 ns, 4.10 ns, 4.38 ns respectively.
ISSN:2519-173X
2519-173X
DOI:10.46586/tosc.v2021.i1.37-77