Practical-time related-key attack on Hummingbird-2

Journal: IET Information Security

Hummingbird-2, designed by Engels et al., is a lightweight cipher with built-in MAC functionality. In this study, the authors examine the security of Hummingbird-2 in the related-key model. First, the authors define a new cryptographic notion for an S-box, called combination points, based on its differential equation, and demonstrate some properties of combination points. One application of the new notion is to recover part of the input of an S-box, and the authors show this on Hummingbird-2 by recovering some internal state bits. Then, by carefully studying the differential distributions of the S-boxes, a set of key-dependent S-boxes can be derived and used to recover the subkey word of Hummingbird-2. Finally, using a divide-and-conquer strategy, all 128 key bits can be recovered with a complexity of 2^40, which is much lower than the 2^64 of the attack at FSE 2013. The attack has been fully implemented on a PC and the secret key has been recovered in a few hours. The results provide some new insights into the design of cryptographic S-boxes.

References

1. Ferguson, N., Whiting, D., Schneier, B., Kelsey, J., Lucks, S., Kohno, T.: 'Helix: fast encryption and authentication in a single cryptographic primitive'. FSE 2003, 2003, (LNCS, 2887), pp. 330–346.
2. Whiting, D., Schneier, B., Lucks, S., Muller, F.: 'Phelix: fast encryption and authentication in a single cryptographic primitive'. Technical Report 2005/027, eSTREAM, ECRYPT Stream Cipher Project, 2005.
3. Engels, D., Fan, X., Gong, G., Hu, H., Smith, E.M.: 'Hummingbird: ultra-lightweight cryptography for resource-constrained devices'. FC 2010, 2010, (LNCS, 6054), pp. 3–18.
4. Engels, D., Saarinen, M.J.O., Schweitzer, P., Smith, E.M.: 'The Hummingbird-2 lightweight authenticated encryption algorithm'. RFIDSec 2011, 2011, (LNCS, 7055), pp. 19–31.
5. 'Directions in authenticated ciphers', http://hyperelliptic.org/DIAC/.
6.
7. Whiting, D., Housley, R., Ferguson, N.: 'AES encryption & authentication using CTR mode & CBC-MAC', IEEE P802.11, 2002.
8. McGrew, D., Viega, J.: 'The security and performance of the Galois/counter mode (GCM) of operation'. INDOCRYPT 2004, 2004, (LNCS, 3348), pp. 343–355.
9. Iwata, T.: 'New blockcipher modes of operation with beyond the birthday bound security'. FSE 2006, 2006, (LNCS, 4047), pp. 310–327.
10. Iwata, T., Yasuda, K.: 'HBS: a single-key mode of operation for deterministic authenticated encryption'. FSE 2009, 2009, (LNCS, 5665), pp. 394–415.
11. Muller, F.: 'Differential attacks against the Helix stream cipher'. FSE 2004, 2004, (LNCS, 3017), pp. 94–108.
12. Paul, S., Preneel, B.: 'Near optimal algorithms for solving differential equations of addition with batch queries'. INDOCRYPT 2005, 2005, (LNCS, 3797), pp. 90–103.
13. Paul, S., Preneel, B.: 'Solving systems of differential equations of addition'. ACISP 2005, 2005, (LNCS, 3574), pp. 75–88.
14. Wu, H., Preneel, B.: 'Differential-linear attacks against the stream cipher Phelix'. FSE 2007, 2007, (LNCS, 4593), pp. 87–100.
15. Shi, Z., Zhang, B., Feng, D.: 'Cryptanalysis of Helix and Phelix revisited'. ACISP 2013, 2013, (LNCS, 7959), pp. 27–40.
16. Saarinen, M.J.O.: 'Cryptanalysis of Hummingbird-1'. FSE 2011, 2011, (LNCS, 6733), pp. 328–341.
17. Chai, Q., Gong, G.: 'A cryptanalysis of Hummingbird-2: the differential sequence analysis'. IACR Cryptology ePrint Archive, 2012/233, 2012.
18. Fan, X., Gong, G.: 'On the security of Hummingbird-2 against side channel cube attacks'. WEWoRC 2011, 2012, (LNCS, 7242), pp. 18–29.
19. Zhu, B., Gong, G.: 'Multidimensional meet-in-the-middle attack and its applications to GOST, KTANTAN and Hummingbird-2'. IACR ePrint 2011/619, http://eprint.iacr.org/2011/619 (posted 18-Feb-2012 00:09:51 UTC).
20. Saarinen, M.J.O.: 'Related-key attacks against full Hummingbird-2'. FSE 2013, 2014, (LNCS, 8424), pp. 467–482.

Article URL: http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2014.0424