Boolean circuits for AE cores of NIST lightweight ciphers

This project reports the Boolean circuits for the cores of the AE algorithms in the NIST lightweight cryptography competitions. The use of the circuits are for Binary circuit based MPC, FHE and ZK Proofs applications. The circuits are produced using the CBMC-GC compiler [FHK + 14]. Possible optimizations were done while generating the circuits. The description of the core AE circuits are provided in two representations below. AE_Core_Name (r 100) means 100-round AE_Core_Name as the AE cores have iterative construction. The circuits for the remaining ciphers are coming soon.

AES ciruits can be found here and here.

Circuits in bristol format (AND, XOR, NOT):

ACE	ASCON	ASCON (r6)	ASCON (r8)	CHAM-ENC-64-128	CHAM-ENC-128-128	GASCON	GASCON (r11)
GIMLI	TweGIFT-64	TweGIFT-64-INV	GIFT-128	KECCAK-200	KECCAK-400	KNOT-256	KNOT-384
KNOT-512	PHOTON	SATURNIN	SKINNY-ENC-128-384	SKINNY-DEC-128-384	sLiSCP-LIGHT-192	sLiSCP-LIGHT-256	sLiSCP-LIGHT-256 (r9)
SPARKLE-256	SPARKLE-384	SPARKLE-512	SPECK-64-128	SPONGENT-160	SPONGENT-176	SHADOW-512	SPOOK (CLYDE-ENC-128)
SPOOK (CLYDE-DEC-128)	SUBTEREANEAN	TINYJAMBU-INIT	WAGE	XOODOO

Circuits in bristol format (AND, OR, XOR, NOT): Coming soon...

This project is maintained by Kalikinkar Mandal. To report any issues, suggestions or queries, please send an email to: kmandal [at] unb [dot] ca.