Research Article
Security Cryptanalysis of NUX for the Internet of Things
Algorithm 2
Algorithm for linear approximations on NUX.
Input: S-box , Bias threshold . | |
Output: A linear approximation with the best bias. | |
Data: The number of active S-boxes in i rounds . | |
The number of active S-boxes of the i-th round . | |
Generate the LAT of S-box. | |
Store all 2, 4 and the corresponding input/output masks in LAT in the table | |
for Each of 8 S-boxes in the first round do | |
for all non-zero entities in LAT do | |
if S-box is in then | |
, . | |
Store them in . | |
else | |
, . | |
Store them in . | |
Calculate , , , , and store them in . | |
Calculate , , , , and store them in . | |
Update to be 1. | |
The bias is recorded as . | |
for to do | |
if then | |
Travel to get , and its corresponding bias | |
else if then | |
Travel to get , and the corresponding bias | |
Compute the total bias, and keep ones greater than threshold | |
Calculate , , , , and store them in . | |
Update the number of active S-boxes and bias | |
for Each of 8 S-boxes in the first round do | |
for all non-zero entities in DDT do | |
Find the largest and store it in | |
Output linear approximations with bias |