Gimli is a 384-bit permutation designed to achieve high security with high performance across a broad range of platforms, including 64-bit Intel/AMD server CPUs, 64-bit and 32-bit ARM smartphone CPUs, 32-bit ARM microcontrollers, 8-bit AVR microcontrollers, FPGAs, ASICs without side-channel protection, and ASICs with side-channel protection.
Contributors (alphabetical order)
- Daniel J. Bernstein, University of Illinois at Chicago
- Stefan Kölbl, Technical University of Denmark
- Stefan Lucks, Bauhaus-Universität Weimar
- Pedro Maat Costa Massolino, Radboud University
- Florian Mendel, Graz University of Technology
- Kashif Nawaz, Université Catholique de Louvain
- Tobias Schneider, Ruhr-University Bochum
- Peter Schwabe, Radboud University
- François-Xavier Standaert, Université Catholique de Louvain
- Yosuke Todo, NTT Secure Platform Laboratories
- Benoît Viguier, Radboud University
This work resulted from the Lorentz Center Workshop "HighLight: High-security lightweight cryptography".
This work was supported by the Commission of the European Communities through the Horizon 2020 program under project number 645622 (PQCRYPTO) and project number 645421 (ECRYPT-CSA).
This work was supported by the Austrian Science Fund (FWF) under grant P26494-N15.
This work was supported by the ARC project NANOSEC.
This work was supported by the Belgian Fund for Scientific Research (FNRS-F.R.S.)
This work was supported by the Technology Foundation STW (project 13499 TYPHOON), from the Dutch government.
This work was supported by the Netherlands Organisation for Scientific Research (NWO) under grant 639.073.005.
This work was supported by the U.S. National Science Foundation under grant 1314919. "Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation."
Version: This is version 2017.06.27 of the Intro web page.