Solving Circuit Optimisation Problems in Cryptography and Cryptanalysis

One of the hardest practical problems in computer science is the problem of gate-efficient implementation. Such optimizations are particularly important in industrial hardware implementations of standard cryptographic algorithms. In this paper we focus on optimizing some small digital circuits such as S-boxes in some well-known ciphers. We consider the notion of Multiplicative Complexity which was recently applied to find gate-efficient implementations for the S-box of the U.S. encryption standard AES [3, 5, 6]. We applied the same methodology to produce a compact implementation of several ciphers. In this short paper we report our results on PRESENT [2] and GOST [14, 15], two block ciphers known for their exceptionally low hardware cost. This kind of minimization seems to be very promising in implementations aiming at preventing side channel attacks on cryptographic chips. It also has interesting applications in cryptanalysis of ciphers.