- Straight-forward *bit-sliced* implementation
- Even naïve implementations are *constant-time*
- Very cheap *countermeasures* due to 4-bit S-Box, compared to ARX- or AES-based designs
- Fast and compact in *software* on a wide range of platforms
- Fast, compact and energy-efficient low-latency implementation in *hardware*
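The first three bullets rest on one fact: a 4-bit S-box is small enough that each output bit has a short algebraic normal form (ANF), so the whole S-box layer can be evaluated with a handful of word-wide AND and XOR operations on bit-planes instead of a secret-indexed table lookup. The following is an added example, not code from the PRØST team or the specification. It uses a constructed placeholder S-box (not PRØST's table), derives the ANF of each output bit with a Möbius transform, evaluates it bit-sliced on 64-bit words, and checks the result against plain table lookup. The AND-gate count it reports is what drives the cost of masking countermeasures, which is the sense in which a 4-bit S-box makes them cheap.

```python
"""Bit-sliced, constant-time evaluation of a 4-bit S-box from its ANF.

Added example, not PRØST's own code. The S-box table is a constructed
placeholder chosen only to be a bijection on 4 bits; substitute any
4-bit table and the same derivation applies.
"""

from typing import List

WORD_BITS = 64                 # assumed machine word: 64 nibbles processed per call
MASK = (1 << WORD_BITS) - 1

# Constructed placeholder S-box (NOT the PRØST S-box).
SBOX = [0x6, 0xB, 0x5, 0x4, 0x2, 0xE, 0x7, 0xA,
        0x9, 0xD, 0xF, 0xC, 0x3, 0x1, 0x0, 0x8]


def anf_coefficients(sbox: List[int], out_bit: int) -> List[int]:
    """Möbius transform: truth table of one output bit -> ANF coefficients.

    coeff[m] == 1 means the monomial prod_{i in m} x_i is present, where m is a
    4-bit mask of the input variables it multiplies (m == 0 is the constant 1).
    """
    coeff = [(sbox[x] >> out_bit) & 1 for x in range(16)]
    for i in range(4):
        bit = 1 << i
        for x in range(16):
            if x & bit:
                coeff[x] ^= coeff[x ^ bit]
    return coeff


# Public, data-independent description of the S-box: computed once, up front.
ANF = [anf_coefficients(SBOX, j) for j in range(4)]


def sbox_bitsliced(x: List[int]) -> List[int]:
    """Apply the S-box to WORD_BITS nibbles at once.

    x[i] is a bit-plane: its bit k is bit i of nibble k. Only AND and XOR on
    whole words touch the data; the loops and branches below depend solely on
    the fixed ANF table, never on the secret input, so a compiled version is
    straight-line code with no table lookup and no data-dependent branch.
    """
    y = []
    for j in range(4):
        acc = 0
        for m in range(16):
            if not ANF[j][m]:
                continue
            term = MASK                      # constant-1 monomial when m == 0
            for i in range(4):
                if m & (1 << i):
                    term &= x[i]
            acc ^= term
        y.append(acc)
    return y


def pack(nibbles: List[int]) -> List[int]:
    """Transpose up to WORD_BITS nibbles into four bit-planes."""
    planes = [0, 0, 0, 0]
    for k, n in enumerate(nibbles):
        for i in range(4):
            planes[i] |= ((n >> i) & 1) << k
    return planes


def unpack(planes: List[int], count: int) -> List[int]:
    """Inverse of pack: recover the first `count` nibbles from the bit-planes."""
    return [sum(((planes[i] >> k) & 1) << i for i in range(4)) for k in range(count)]


def sbox_lookup(nibbles: List[int]) -> List[int]:
    """Reference table lookup; secret-indexed memory access, the thing we avoid."""
    return [SBOX[n] for n in nibbles]


def and_gate_count() -> int:
    """Number of 2-input ANDs in the bit-sliced S-box (before any sharing).

    Masked implementations pay per nonlinear gate, so this number is the
    first-order measure of how cheap side-channel countermeasures will be.
    """
    ands = 0
    for j in range(4):
        for m in range(16):
            if ANF[j][m]:
                ands += max(bin(m).count("1") - 1, 0)
    return ands


if __name__ == "__main__":
    sample = [(7 * k + 3) & 0xF for k in range(WORD_BITS)]   # constructed input
    assert unpack(sbox_bitsliced(pack(sample)), WORD_BITS) == sbox_lookup(sample)
    print("bit-sliced S-box matches table lookup; AND gates:", and_gate_count())
```

Feeding `pack(list(range(16)))` through `sbox_bitsliced` exercises every input value in one call, so comparing the unpacked result with `SBOX` is an exhaustive correctness check of the derived formulas. A production implementation would emit the ANF as fixed straight-line code and then minimise it (shared subterms, fewer ANDs); the point here is that the derivation is mechanical for any 4-bit table.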

- Based on a large, cryptographically secure permutation. This is arguably *the simplest way* to build primitives for symmetric-key cryptography. This means no nasty key-scheduling algorithms.
- Based on a *single* permutation. This means that questions pertaining to security using different permutations are out the window!

| Document | Author | Download |
|---|---|---|
| PRØST specification documents | | |
| Version 1.1 | PRØST team | |
| Version 1.0 | PRØST team | |
| PRØST security proofs | Martin M. Lauridsen | |
| Implementations | | |
| Reference implementations in C for SUPERCOP | The PRØST team | SUPERCOP |
| Python implementation of PRØST permutation | Thom Wiggers | Github |
| Test vectors | | |
| Source for generating test vectors | PRØST team | ZIP |
| PRØST-128 test vectors | PRØST team | vec 1, vec 2, vec 3 |
| PRØST-256 test vectors | PRØST team | vec 1, vec 2, vec 3 |
| External cryptanalysis | | |
| XPX mode, including related-key security for PRØST with COPA | Bart Mennink | ePrint report 2015/476 |
| Analysis of ShiftPlanes constants | Christof Beierle, Philipp Jovanovic, Martin M. Lauridsen, Gregor Leander, and Christian Rechberger | ePrint report 2015/212 |
| Related-key key-recovery on Prøst-OTR | Pierre Karpman | ePrint report 2015/134 |
| Attack on 8-round PRØST-128 in SEM | Yosuke Todo and Kazumaro Aoki | Springer |
| Related-Key Forgeries for PRØST-OTR | Christoph Dobraunig, Maria Eichlseder, and Florian Mendel | FSE 2015, to appear |
| On the behaviors of affine equivalent Sboxes regarding differential and linear attacks | Anne Canteaut and Joëlle Roué | Eurocrypt 2015, to appear |
| Other documents | | |
| Slides for presentation at DIAC 2014 | PRØST team | |
| Observations on PRØST and Minalpher | Kazumaro Aoki | |

```bibtex
@misc{proest:2014,
  author       = {Elif Bilge Kavun and Martin M. Lauridsen and Gregor Leander and Christian Rechberger and Peter Schwabe and Tolga Yal\c{c}{\i}n},
  title        = {{Pr\o st}},
  howpublished = {{CAESAR Proposal}},
  year         = {2014},
  note         = {\url{http://proest.compute.dtu.dk}}
}
```