Lightweight AEAD and Hashing using the Sparkle Permutation Family
We introduce the Sparkle family of permutations operating on 256, 384 and 512 bits. These are combined with the Beetle mode to construct a family of authenticated ciphers, Schwaemm, with security levels ranging from 120 to 250 bits. We also use them to build new sponge-based hash functions, Esch256...
Published in | IACR Transactions on Symmetric Cryptology Vol. 2020; no. S1; pp. 208 - 261 |
---|---|
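Main Authors | Christof Beierle, Alex Biryukov, Luan Cardoso dos Santos, Johann Grossschädl, Léo Perrin, Aleksei Udovenko, Vesselin Velichkov, Qingju Wang |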
Format | Journal Article |
Language | English |
Published | Ruhr-Universität Bochum, 22.06.2020 |
Series | Special Issue on Designs for the NIST Lightweight Standardisation Process |
Subjects | |
Abstract | We introduce the Sparkle family of permutations operating on 256, 384 and 512 bits. These are combined with the Beetle mode to construct a family of authenticated ciphers, Schwaemm, with security levels ranging from 120 to 250 bits. We also use them to build new sponge-based hash functions, Esch256 and Esch384. Our permutations are among those with the lowest footprint in software, without sacrificing throughput. These properties are allowed by our use of an ARX component (the Alzette S-box) as well as a carefully chosen number of rounds. The corresponding analysis is enabled by the long trail strategy which gives us the tools we need to efficiently bound the probability of all the differential and linear trails for an arbitrary number of rounds. We also present a new application of this approach where the only trails considered are those mapping the rate to the outer part of the internal state, such trails being the only relevant trails for instance in a differential collision attack. To further decrease the number of rounds without compromising security, we modify the message injection in the classical sponge construction to break the alignment between the rate and our S-box layer. |
---|---|
Author | Udovenko, Aleksei; Grossschädl, Johann; Beierle, Christof; Perrin, Léo; Velichkov, Vesselin; Biryukov, Alex; Wang, Qingju; Cardoso dos Santos, Luan |
Author_xml | – sequence: 1 givenname: Christof surname: Beierle fullname: Beierle, Christof organization: Ruhr University Bochum = Ruhr-Universität Bochum – sequence: 2 givenname: Alex surname: Biryukov fullname: Biryukov, Alex organization: Université du Luxembourg = University of Luxembourg = Universität Luxemburg – sequence: 3 givenname: Luan surname: Cardoso dos Santos fullname: Cardoso dos Santos, Luan organization: Université du Luxembourg = University of Luxembourg = Universität Luxemburg – sequence: 4 givenname: Johann surname: Grossschädl fullname: Grossschädl, Johann organization: Université du Luxembourg = University of Luxembourg = Universität Luxemburg – sequence: 5 givenname: Léo surname: Perrin fullname: Perrin, Léo organization: Cryptologie symétrique, cryptologie fondée sur les codes et information quantique – sequence: 6 givenname: Aleksei surname: Udovenko fullname: Udovenko, Aleksei organization: Université du Luxembourg = University of Luxembourg = Universität Luxemburg – sequence: 7 givenname: Vesselin surname: Velichkov fullname: Velichkov, Vesselin organization: The University of Edinburgh – sequence: 8 givenname: Qingju surname: Wang fullname: Wang, Qingju organization: Université du Luxembourg = University of Luxembourg = Universität Luxemburg |
BackLink | https://inria.hal.science/hal-03135807$$DView record in HAL |
ContentType | Journal Article |
Copyright | Distributed under a Creative Commons Attribution 4.0 International License |
DBID | 1XC DOA |
DOI | 10.13154/tosc.v2020.iS1.208-261 |
DatabaseName | Hyper Article en Ligne (HAL) DOAJ Directory of Open Access Journals |
DatabaseTitleList | |
Database_xml | – sequence: 1 dbid: DOA name: Directory of Open Access Journals (DOAJ) url: https://www.doaj.org/ sourceTypes: Open Website |
DeliveryMethod | fulltext_linktorsrc |
Discipline | Computer Science |
EISSN | 2519-173X |
EndPage | 261 |
ExternalDocumentID | oai_doaj_org_article_f6cbfc74b9cd4fc6b24d6dd375f2338d oai_HAL_hal_03135807v1 |
GroupedDBID | 1XC ADBBV ALMA_UNASSIGNED_HOLDINGS BCNDV GROUPED_DOAJ |
IEDL.DBID | DOA |
ISSN | 2519-173X |
IngestDate | Wed Aug 27 01:28:15 EDT 2025 Wed Jul 23 06:30:27 EDT 2025 |
IsDoiOpenAccess | true |
IsOpenAccess | true |
IsPeerReviewed | true |
IsScholarly | true |
Issue | S1 |
Language | English |
License | Distributed under a Creative Commons Attribution 4.0 International License: http://creativecommons.org/licenses/by/4.0 |
LinkModel | DirectLink |
OpenAccessLink | https://doaj.org/article/f6cbfc74b9cd4fc6b24d6dd375f2338d |
PageCount | 54 |
ParticipantIDs | doaj_primary_oai_doaj_org_article_f6cbfc74b9cd4fc6b24d6dd375f2338d hal_primary_oai_HAL_hal_03135807v1 |
PublicationCentury | 2000 |
PublicationDate | 2020-06-22 |
PublicationDateYYYYMMDD | 2020-06-22 |
PublicationDate_xml | – month: 06 year: 2020 text: 2020-06-22 day: 22 |
PublicationDecade | 2020 |
PublicationSeriesTitle | Special Issue on Designs for the NIST Lightweight Standardisation Process |
PublicationTitle | IACR Transactions on Symmetric Cryptology |
PublicationYear | 2020 |
Publisher | Ruhr Universität Bochum Ruhr-Universität Bochum |
Publisher_xml | – name: Ruhr Universität Bochum – name: Ruhr-Universität Bochum |
SourceID | doaj hal |
SourceType | Open Website Open Access Repository |
StartPage | 208 |
SubjectTerms | Authenticated Encryption Computer Science Cryptography and Security Hash functions Lightweight Cryptography Long Trail Strategy NIST SPARKLE |
Title | Lightweight AEAD and Hashing using the Sparkle Permutation Family |
URI | https://inria.hal.science/hal-03135807 https://doaj.org/article/f6cbfc74b9cd4fc6b24d6dd375f2338d |
Volume | 2020 |