SAND-2: An optimized implementation of lightweight block cipher

Abstract

The development of ARX-based lightweight block ciphers has been plagued by the difficulty of theoretical security analysis. SAND solves this problem better by obtaining an equivalent representation based on a synthetic S-box. This paper analyzed SAND in terms of diffusivity and found that it can be optimized. SAND has the issue of slow diffusion after the initial plaintext and key are all 0. On the other hand, it takes at least 11 rounds for SAND to reach full diffusion without AddRoundKey. Thus, this paper proposes a high-diffusion architecture SAND-2 to address the above issues. Firstly, issue 1 is solved by replacing the AND operation with a NAND operation and calling the round function dynamically. Then, in order to solve issue 2, P1 and P2 permutations are introduced into G0 and G1, respectively. The full diffusion speed of SAND-2 is 63.7% increased compared to SAND. In addition, the comparison results of hardware indicators show that the hardware resources of SAND-2 are slightly lower, and the throughput is 10% higher than SAND. Finally, the security analysis shows that SAND-2 reaches the upper bound of the resisting differential analysis in fewer rounds.