Real Time Related Key Attack on Hummingbird-2

  • Zhang, Kai (Zhengzhou Information Science and Technology Institute) ;
  • Ding, Lin (Zhengzhou Information Science and Technology Institute) ;
  • Li, Junzhi (Zhengzhou Information Science and Technology Institute) ;
  • Guan, Jie (Zhengzhou Information Science and Technology Institute)
  • Received : 2012.05.02
  • Accepted : 2012.07.24
  • Published : 2012.08.25

Abstract

Hummingbird is a lightweight encryption and message authentication primitive published in RISC'09 and WLC'10. In FSE'11, Markku-Juhani O. Saarinen presented a differential divide-and-conquer method whose complexity is upper bounded by $2^{64}$ operations and which requires processing a few megabytes of chosen messages under two related nonces (IVs). The improved version, Hummingbird-2, was presented at RFIDSec 2011. Based on the idea of differential collisions, this paper discovers some weaknesses of the round function WD16. Combined with the simple key loading algorithm, a related-key chosen-IV attack that can recover the full secret key is proposed. Under 15 pairs of related keys, the 128-bit initial key can be recovered, requiring $2^{27}$ chosen IVs with computational complexity $O(2^{27})$. On average, the attack needs several minutes to recover the full 128-bit secret key on a PC. The experimental result corroborates our attack. The result shows that the Hummingbird-2 cipher cannot resist related-key attacks.

References

  1. D. Engels, M.J.O. Saarinen, and E.M. Smith, "The Hummingbird-2 Lightweight Authenticated Encryption Algorithm," in Proc. of the 7th Workshop on RFID Security and Privacy (RFIDSec 2011), 2011.
  2. D. Engels, X. Fan, G. Gong, H. Hu, and E.M. Smith, "Hummingbird: Ultra-Lightweight Cryptography for Resource-Constrained Devices," in Proc. of FC 2010 Workshops, RLCPS, WECSR, and WLC 2010, LNCS 6054, Springer-Verlag, pp. 3-18, 2010.
  3. E. Biham, "New types of cryptanalytic attacks using related keys," in Proc. of EUROCRYPT 1993, LNCS 765, Springer-Verlag, pp. 398-309, 1994.
  4. E. Biham and A. Shamir, "Differential Cryptanalysis of DES-like Cryptosystems," in Proc. of CRYPTO 1990, LNCS 537, Springer-Verlag, pp. 2-21, 1990.
  5. E. Biham, O. Dunkelman, and N. Keller, "Related-key boomerang and rectangle attacks," in Proc. of EUROCRYPT 2005, LNCS 3494, Springer-Verlag, pp. 507-525, 2005.
  6. E. Biham, O. Dunkelman, and N. Keller, "Related-key impossible differential attacks on 8-round AES-192," in Proc. of CT-RSA 2006, LNCS 3860, Springer-Verlag, pp. 21-33, 2006.
  7. G. Jakimoski and Y. Desmedt, "Related-Key differential cryptanalysis of 192-bit key AES Variants," in Proc. of SAC 2003, LNCS 3006, Springer-Verlag, pp. 209-221, 2004.
  8. J. Kelsey, B. Schneier, and D. Wagner, "Key-Schedule Cryptanalysis of IDEA, G-DES, GOST, SAFER, and Triple-DES," in Proc. of CRYPTO 1996, LNCS 1109, Springer-Verlag, pp. 237-251, 1996.
  9. L. Knudsen, "Cryptanalysis of LOKI," in Proc. of ASIACRYPT 1992, LNCS 739, Springer-Verlag, pp. 22-35, 1993.
  10. M.J.O. Saarinen, "Cryptanalysis of Hummingbird-1," in Proc. of FSE 2011, LNCS 6733, Springer-Verlag, pp. 328-341, 2011.
  11. Q. Chai and G. Gong, "A Cryptanalysis of HummingBird-2: The Differential Sequence Analysis," Cryptology ePrint Archive, Report 2012/233, 2012. http://eprint.iacr.org/2012/233.pdf
  12. R.P. Weinmann and K. Wirt, "Analysis of the DVB Common Scrambling Algorithm," in Proc. of the Eighth IFIP TC-6 TC-11 Conference on Communications and Multimedia Security (CMS 2004), Kluwer Academic Publishers, vol. 175, pp. 195-207, 2005.
  13. W. Zhang, W. Wu, L. Zhang, and D. Feng, "Improved related-key impossible differential attack on reduced-round AES-192," in Proc. of SAC 2006, LNCS 4356, Springer-Verlag, pp. 15-27, 2007.
  14. X. Fan and G. Gong, "On the Security of Hummingbird-2 against Side Channel Cube Attack," in Proc. of the 2011 West European Workshop on Research in Cryptography (WEWoRC 2011), Springer-Verlag, pp. 100-104, 2011. http://www.uni-weimar.de/cms/fileadmin/medien/medsicherheit/WEWoRC2011/files/conference_record3.pdf#page=106