Practical-time related-key attack on Hummingbird-2

Zhenqin Shi, Bin Zhang, D. Feng
{"title":"Practical-time related-key attack on Hummingbird-2","authors":"Zhenqin Shi, Bin Zhang, D. Feng","doi":"10.1049/iet-ifs.2014.0424","DOIUrl":null,"url":null,"abstract":"Hummingbird-2, designed by Engels et al., is a lightweight cipher with built-in MAC functionality. In this study, the authors examine the security of Hummingbird-2 in the related-key model. First, the authors define a new cryptographic notion of an S-box, called combination points, based on its differential equation, and demonstrate some properties of combination points. A potential application of the new notion is to recover some partial input of an S-box, and the authors show this on Hummingbird-2 by recovering some internal state bits. Then, by carefully studying the differential distributions of the S-boxes, a set of key dependent S-boxes can be derived and be used to recover the subkey word of Hummingbird-2. At last, by the divide and conquer strategy, all the 128 key bits can be recovered with a complexity of 240, which is much lower than that (264) of the attack at FSE 2013. The attack has been fully implemented on a PC and the secret key has been recovered in a few hours. The results provide some new insights into the design of cryptographic S-boxes.","PeriodicalId":13305,"journal":{"name":"IET Inf. Secur.","volume":"12 1","pages":"321-327"},"PeriodicalIF":0.0000,"publicationDate":"2015-10-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Inf. Secur.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1049/iet-ifs.2014.0424","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 5

Abstract

Hummingbird-2, designed by Engels et al., is a lightweight cipher with built-in MAC functionality. In this study, the authors examine the security of Hummingbird-2 in the related-key model. First, the authors define a new cryptographic notion of an S-box, called combination points, based on its differential equation, and demonstrate some properties of combination points. A potential application of the new notion is to recover some partial input of an S-box, and the authors show this on Hummingbird-2 by recovering some internal state bits. Then, by carefully studying the differential distributions of the S-boxes, a set of key dependent S-boxes can be derived and be used to recover the subkey word of Hummingbird-2. At last, by the divide and conquer strategy, all the 128 key bits can be recovered with a complexity of 240, which is much lower than that (264) of the attack at FSE 2013. The attack has been fully implemented on a PC and the secret key has been recovered in a few hours. The results provide some new insights into the design of cryptographic S-boxes.
实际时间相关的关键攻击蜂鸟-2
Hummingbird-2由Engels等人设计,是一个内置MAC功能的轻量级密码。在这项研究中,作者在相关密钥模型中检验了Hummingbird-2的安全性。首先,根据s盒的微分方程,定义了s盒的一个新的密码学概念,称为组合点,并证明了组合点的一些性质。新概念的一个潜在应用是恢复s盒的部分输入,作者通过恢复一些内部状态比特在蜂鸟-2上展示了这一点。然后,通过仔细研究s盒的微分分布,可以导出一组依赖于关键字的s盒,用于恢复Hummingbird-2的子关键字。最后,通过分而治之的策略,128位密钥位全部恢复,其复杂度为240,远低于FSE 2013的攻击复杂度(264)。这次攻击已经在一台电脑上全面实施,密钥在几个小时内就被恢复了。研究结果为密码s盒的设计提供了一些新的见解。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信