Research Article
Security Cryptanalysis of NUX for the Internet of Things
Algorithm 2
Algorithm for linear approximations on NUX.
| Input: S-box , Bias threshold . | |
| Output: A linear approximation with the best bias. | |
| Data: The number of active S-boxes in i rounds . | |
| The number of active S-boxes of the i-th round . | |
| Generate the LAT of S-box. | |
| Store all 2, 4 and the corresponding input/output masks in LAT in the table | |
| for Each of 8 S-boxes in the first round do | |
| for all non-zero entities in LAT do | |
| if S-box is in then | |
| , . | |
| Store them in . | |
| else | |
| , . | |
| Store them in . | |
| Calculate , , , , and store them in . | |
| Calculate , , , , and store them in . | |
| Update to be 1. | |
| The bias is recorded as . | |
| for to do | |
| if then | |
| Travel to get , and its corresponding bias | |
| else if then | |
| Travel to get , and the corresponding bias | |
| Compute the total bias, and keep ones greater than threshold | |
| Calculate , , , , and store them in . | |
| Update the number of active S-boxes and bias | |
| for Each of 8 S-boxes in the first round do | |
| for all non-zero entities in DDT do | |
| Find the largest and store it in | |
| Output linear approximations with bias |