Institutional Repository
| Practical-time related-key attack on Hummingbird-2 | |
| Shi, ZQ; Zhang, B; Feng, DG | |
| 2015 | |
| Source | IET INFORMATION SECURITY |
| ISSN | 1751-8709 |
| Volume | 9, Issue: 6, Pages: 321-327 |
| English Abstract | Hummingbird-2, designed by Engels et al., is a lightweight cipher with built-in MAC functionality. In this study, the authors examine the security of Hummingbird-2 in the related-key model. First, the authors define a new cryptographic notion of an S-box, called combination points, based on its differential equation, and demonstrate some properties of combination points. A potential application of the new notion is to recover some partial input of an S-box, and the authors show this on Hummingbird-2 by recovering some internal state bits. Then, by carefully studying the differential distributions of the S-boxes, a set of key dependent S-boxes can be derived and be used to recover the subkey word of Hummingbird-2. At last, by the divide and conquer strategy, all the 128 key bits can be recovered with a complexity of 2^40, which is much lower than that (2^64) of the attack at FSE 2013. The attack has been fully implemented on a PC and the secret key has been recovered in a few hours. The results provide some new insights into the design of cryptographic S-boxes. |
| Indexed Type | SCI |
| Keyword | Divide And Conquer Methods; Cryptography; Practical-time Related-key Attack; Hummingbird-2; Lightweight Cipher; MAC Functionality; Cryptographic Notion; Combination Points; Differential Equation; Internal State Bits; Divide And Conquer Strategy; Cryptographic S-boxes |
| Department | Chinese Acad Sci, Inst Software, TCA, Beijing 100190, Peoples R China. |
| Language | English |
| WOS ID | WOS:000362505000003 |
| Content Type | Journal article |
| URI | http://ir.iscas.ac.cn/handle/311060/17431 |
| Collection | Institute of Software, Chinese Academy of Sciences |
| Recommended Citation GB/T 7714 | Shi, ZQ, Zhang, B, Feng, DG. Practical-time related-key attack on Hummingbird-2[J]. IET INFORMATION SECURITY, 2015, 9(6): 321-327. |
| APA | Shi, ZQ, Zhang, B, & Feng, DG. (2015). Practical-time related-key attack on Hummingbird-2. IET INFORMATION SECURITY, 9(6), 321-327. |
| MLA | Shi, ZQ, et al. "Practical-time related-key attack on Hummingbird-2". IET INFORMATION SECURITY 9.6 (2015): 321-327. |
| Files in This Item: |
| File Name/Size | DocType | Version | Access | License |
| 07295683.pdf (319KB) | | | Open Access | License |
Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.