一种用于寻找维度不超过9的二次向量布尔函数轻量级（与、异或）实现的新工具 (A New Tool to Find Lightweight (And, Xor) Implementations of Quadratic Vectorial Boolean Functions up to Dimension 9)

The problem of finding a minimal circuit to implement a given function is one of the oldest in electronics. It is known to be NP-hard. Still, many tools exist to find sub-optimal circuits to implement a function. In electronics, such tools are known as synthesisers. However, these synthesisers aim to implement very large functions (a whole electronic chip). In cryptography, the focus is on small functions, hence the necessity for new dedicated tools for small functions. Several tools exist to implement small functions. They differ by their algorithmic approach (some are based on Depth-First-Search as introduced by Ullrich in 2011, some are based on SAT-solvers like the tool desgined by Stoffelen in 2016, some non-generic tools use subfield decomposition) and by their optimisation criteria (some optimise for circuit size, others for circuit depth, and some for side-channel-protected implementations). However, these tools are limited to functions operating on less than 5 bits, sometimes 6 bits for quadratic functions, or to very simple functions. The limitation lies in a high computing time. We propose a new tool (The tool is provided alongside the IEEE article with CodeOcean and at https://github.com/seduval/implem-quad-sbox) to implement quadratic functions up to 9 bits within AND-depth 1, minimising the number of AND gates. This tool is more time-efficient than previous ones, allowing to explore larger implementations than others on 6 bits or less and allows to reach larger sizes, up to 9 bits.

翻译：寻找实现给定函数的最小电路是电子学中最古老的问题之一，已知其为NP难问题。尽管如此，现有许多工具可用于寻找实现函数的次优电路。在电子学中，此类工具被称为综合器。然而，这些综合器旨在实现非常庞大的函数（整个电子芯片）。在密码学中，关注点在于小型函数，因此需要为小型函数开发新的专用工具。目前存在多种实现小型函数的工具。它们在算法方法上有所不同（有些基于Ullrich于2011年提出的深度优先搜索，有些基于SAT求解器，如Stoffelen于2016年设计的工具，还有一些非通用工具使用子域分解技术），并且在优化标准上也存在差异（有些优化电路规模，有些优化电路深度，还有些针对侧信道防护的实现进行优化）。然而，这些工具仅限于处理少于5比特（对于二次函数有时为6比特）的函数，或非常简单的函数。其局限性在于计算时间过长。我们提出了一种新工具（该工具随IEEE文章通过CodeOcean提供，并可在https://github.com/seduval/implem-quad-sbox获取），用于在AND深度为1的条件下实现最多9比特的二次函数，并最小化AND门的数量。该工具在时间效率上优于现有工具，能够在6比特或更少比特数的情况下探索比现有工具更大规模的实现，并支持达到最多9比特的更大规模实现。