Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Simpira v2: A Family of Efficient Permutations Using the AES Found Function



Ritam Bhaumik, Nilanjan Datta, Avijit Dutta, Nicky Mouha, Mrudil Nandi


This paper introduces Simpira, a family of cryptographic permutations that supports inputs of 128× b bits, where b is a positive integer.Itsdesigngoalis toachievehighthroughputonvirtually all modern64- bitprocessors, that nowadaysalready havenativeinstructionsfor AES.Toachieve thisgoal,Simpirausesonlyonebuildingblock: theAES round function. For b = 1, Simpira corresponds to 12- round AES with fixed round keys, whereas for b ≥ 2, Simpira is a Generalized Feistel Structure(GFS) with an F-function that consists of two rounds of AES. We claim that there are no structural distinguishers for Simpira with a complexity below 2128, and analyze its security against a variety of attacksinthissetting.Thethroughput ofSimpiraisclose tothetheoretical optimum, namely, the number of AES rounds in the construction. For example, on the Intel Skylake processor, Simpira has throughput below 1 cycle per byte for b ≤ 4 and b = 6. For larger permutations, where moving data in memory has a more pronounced effect, Simpira with b =32(512byteinputs) evaluates732AES rounds,andperformsat824 cycles (1.61cyclesperbyte),whichisless than13% off the theoretical optimum. If the data is stored in interleaved buffers, this overhead is reduced to less than 1%. The Simpira family offers an efficient solution when processing wide blocks, larger than 128 bits, is desired.
Proceedings Title
LNCS: Advanced in Cryptology - ASIACRYPT 2016
Conference Dates
December 4-8, 2016
Conference Location
Hanoi, VN
Conference Title
The 22nd Annual International Conference on the Theory and Application of Cryptology and
Information Security, ASIACRYPT 2016


Cryptographic permutation, AES-NI, Generalized Feistel Structure (GFS), Beyond Birthday-Bound (BBB) security, hash function, Lamport signature, wide-block encryption, Even-Mansour


Bhaumik, R. , Datta, N. , Dutta, A. , Mouha, N. and Nandi, M. (2016), Simpira v2: A Family of Efficient Permutations Using the AES Found Function, LNCS: Advanced in Cryptology - ASIACRYPT 2016, Hanoi, VN, [online],, (Accessed April 17, 2024)
Created November 8, 2016, Updated October 12, 2021