Institutional Repository
| Practical-time related-key attack on Hummingbird-2 | |
| Shi, ZQ; Zhang, B; Feng, DG | |
| 2015 | |
| Journal | IET INFORMATION SECURITY |
| ISSN | 1751-8709 |
| Volume | 9, Issue: 6, Pages: 321-327 |
| Abstract | Hummingbird-2, designed by Engels et al., is a lightweight cipher with built-in MAC functionality. In this study, the authors examine the security of Hummingbird-2 in the related-key model. First, the authors define a new cryptographic notion of an S-box, called combination points, based on its differential equation, and demonstrate some properties of combination points. A potential application of the new notion is to recover some partial input of an S-box, and the authors show this on Hummingbird-2 by recovering some internal state bits. Then, by carefully studying the differential distributions of the S-boxes, a set of key dependent S-boxes can be derived and be used to recover the subkey word of Hummingbird-2. At last, by the divide and conquer strategy, all the 128 key bits can be recovered with a complexity of 2^40, which is much lower than that (2^64) of the attack at FSE 2013. The attack has been fully implemented on a PC and the secret key has been recovered in a few hours. The results provide some new insights into the design of cryptographic S-boxes. |
| Indexed by | SCI |
| Keywords | Divide And Conquer Methods; Cryptography; Practical-time Related-key Attack; Hummingbird-2; Lightweight Cipher; MAC Functionality; Cryptographic Notion; Combination Points; Differential Equation; Internal State Bits; Divide And Conquer Strategy; Cryptographic S-boxes |
| Affiliation | Chinese Acad Sci, Inst Software, TCA, Beijing 100190, Peoples R China. |
| Language | English |
| WOS Accession Number | WOS:000362505000003 |
| Content Type | Journal article |
| URI | http://ir.iscas.ac.cn/handle/311060/17431 |
| Collection | Institute of Software, Chinese Academy of Sciences |
| Recommended citation (GB/T 7714) | Shi, ZQ,Zhang, B,Feng, DG. Practical-time related-key attack on Hummingbird-2[J]. IET INFORMATION SECURITY,2015,9(6):321-327. |
| APA | Shi, ZQ,Zhang, B,&Feng, DG.(2015).Practical-time related-key attack on Hummingbird-2.IET INFORMATION SECURITY,9(6),321-327. |
| MLA | Shi, ZQ,et al."Practical-time related-key attack on Hummingbird-2".IET INFORMATION SECURITY 9.6(2015):321-327. |
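| Files in this item | ||||||
| File name/size | Document type | Version type | Access type | License | ||
| 07295683.pdf(319KB) | Open access | License | Request full text | |||
Unless otherwise stated, all content in this system is protected by copyright, with all rights reserved.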