The ZUC cipher is an algorithm developed by the Chinese Academy of Sciences as a cipher algorithm for LTE (long term evolution) wireless access. The ZUC cipher is a word-oriented stream cipher that takes a 128-bit initial key and a 128-bit initial vector as input, and outputs a key stream of 32-bit words. The key stream can be used for encryption and decryption. The ZUC cipher core is built upon three components: (1) a linear feedback shift register, (2) a bit reorganization layer, and (3) a non-linear function layer.
The nonlinear function involves finding the inverse of an 8-bit number, considered as an element of the Galois field GF(2^8). The Galois inverse is not a simple calculation, and so many current implementations use a lookup table of an S-box (substitution box) function output. An S-box takes a byte input and maps it to a byte output. Typically, the ZUC cipher algorithm includes two S-boxes, S0 and S1. S1 is generally implemented as a 256-byte lookup table in which each input byte is mapped to its output byte. The table lookup method may be fast and easy to implement, but for hardware implementations of ZUC, the lookup table can involve a significant allocation of hardware resources. Traditional implementations of the S1 S-box generally take up considerable physical space, which may be costly and not suitable for high-speed VLSI (very large scale integration) circuit designs.
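The trade-off described above, as an added example that is not part of the original text: the GF(2^8) inverse computed arithmetically (as a^254) next to the 256-byte table that replaces it. The reduction polynomial 0x11B is an assumption chosen because it is a well-known irreducible polynomial; the page does not state the polynomial ZUC uses, and the rest of the S1 mapping is not modelled.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: field polynomial x^8+x^4+x^3+x+1 (0x11B); low byte used for reduction. */
#define GF_POLY 0x1Bu

/* Multiply two field elements: shift-and-add with modular reduction. */
static uint8_t gf_mul(uint8_t a, uint8_t b)
{
    uint8_t r = 0;
    while (b) {
        if (b & 1u) r ^= a;
        uint8_t carry = a & 0x80u;
        a = (uint8_t)(a << 1);
        if (carry) a ^= GF_POLY;
        b >>= 1;
    }
    return r;
}

/* Inverse by exponentiation: a^255 = 1 for a != 0, so a^254 = a^-1; 0 maps to 0. */
static uint8_t gf_inv(uint8_t a)
{
    uint8_t result = 1, base = a;
    for (unsigned e = 254; e; e >>= 1) {
        if (e & 1u) result = gf_mul(result, base);
        base = gf_mul(base, base);
    }
    return result;
}

/* The lookup-table alternative: 256 bytes of storage, one read per inversion. */
static uint8_t inv_table[256];
static void build_inv_table(void)
{
    for (unsigned x = 0; x < 256; x++) inv_table[x] = gf_inv((uint8_t)x);
}

/* Count table entries that fail x * table[x] == 1 (entry 0 must be 0). */
static int count_bad_entries(void)
{
    int bad = (inv_table[0] != 0);
    for (unsigned x = 1; x < 256; x++)
        if (gf_mul((uint8_t)x, inv_table[x]) != 1) bad++;
    return bad;
}

int main(void)
{
    build_inv_table();
    printf("inv(0x53)=0x%02X bad=%d\n", inv_table[0x53], count_bad_entries());
    return 0;
}
```

Each arithmetic inversion here costs up to 13 field multiplications, which is the cost the table removes at the price of 256 bytes of storage.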