Espresso: a stream cipher for 5G wireless communication systems. (English) Zbl 1362.94029

Summary: The demand for more efficient ciphers is likely to sharpen with the new generation of products and applications. Previous cipher designs typically focused on optimizing only one of the two parameters, hardware size or speed, for a given security level. In this paper, we present a methodology for designing a class of stream ciphers which takes both parameters into account simultaneously. We combine the advantage of the Galois configuration of NLFSRs, short propagation delay, with the advantage of the Fibonacci configuration of NLFSRs, which can be analyzed formally. According to our analysis, the presented stream cipher Espresso is the fastest among the ciphers below 1500 GE, including Grain-128 and Trivium.
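To make the Galois/Fibonacci trade-off in the summary concrete, here is an added Python example; it is not code from the paper or from the Espresso design. A constructed 4-bit NLFSR is written in its Fibonacci form (one non-trivial feedback function on the top bit), one monomial is shifted into a lower bit following the Fibonacci-to-Galois transformation of reference [6], and both registers are run from every initial state to confirm that they produce the same multiset of output sequences while the Galois form has fewer terms on any single bit's feedback path. The toy feedback functions, the ANF table layout and the helpers `is_uniform`, `shift_monomials` and `max_terms_per_bit` are assumptions made for this illustration; Espresso's real register and its actual feedback functions are not given on this page.

```python
"""
Toy Fibonacci vs Galois NLFSR comparison (constructed example, not Espresso).

An n-bit NLFSR is given in algebraic normal form: feedback[i] is the list of
monomials (tuples of variable indices) XORed together to form the next value
of bit i.  A plain shift of bit i+1 into bit i is the monomial (i+1,).
Bit 0 is the output bit.
"""
from itertools import product

N = 4

# Fibonacci configuration (constructed): only the top bit has real feedback.
#   f3 = x0 + x1 + x2*x3,  f2 = x3,  f1 = x2,  f0 = x1
FIBONACCI = {
    0: [(1,)],
    1: [(2,)],
    2: [(3,)],
    3: [(0,), (1,), (2, 3)],
}


def eval_anf(monomials, state):
    """Evaluate an ANF (XOR of AND-monomials) on the given state bits."""
    value = 0
    for mono in monomials:
        term = 1
        for var in mono:
            term &= state[var]
        value ^= term
    return value


def step(feedback, state):
    """All bits update at once: x_i(t+1) = f_i(x(t))."""
    return tuple(eval_anf(feedback[i], state) for i in range(len(state)))


def output_prefix(feedback, state, length):
    """First `length` output bits (bit 0 of the register) from `state`."""
    bits = []
    for _ in range(length):
        bits.append(state[0])
        state = step(feedback, state)
    return tuple(bits)


def shift_monomials(feedback, moves):
    """
    Fibonacci -> Galois transformation after reference [6]: moving a monomial
    from f_src to f_dst (dst < src) decreases every variable index in it by
    src - dst.  Returns a new feedback table; the input is left untouched.
    """
    new = {i: list(m) for i, m in feedback.items()}
    for src, dst, mono in moves:
        shifted = tuple(v - (src - dst) for v in mono)
        if min(shifted) < 0:
            raise ValueError("monomial %r cannot be moved to bit %d" % (mono, dst))
        new[src].remove(mono)
        new[dst].append(shifted)
    return new


def is_uniform(feedback, tau):
    """
    Sufficient condition for the transformation to preserve the set of output
    sequences (reference [6]): bits below the terminal bit tau are plain
    shifts, and every non-shift monomial in bits >= tau uses only variables
    with index <= tau.
    """
    n = len(feedback)
    for i in range(n):
        for mono in feedback[i]:
            if mono == ((i + 1) % n,):
                continue  # the shift term is always allowed
            if i < tau or max(mono) > tau:
                return False
    return True


def sequence_multiset(feedback, length):
    """Sorted list of output prefixes over all 2^n initial states."""
    n = len(feedback)
    return sorted(output_prefix(feedback, s, length)
                  for s in product((0, 1), repeat=n))


def equivalent(fb_a, fb_b, length=32):
    """Brute-force equivalence: same multiset of output sequences."""
    return sequence_multiset(fb_a, length) == sequence_multiset(fb_b, length)


def max_terms_per_bit(feedback):
    """Crude critical-path proxy: most monomials XORed into any one bit."""
    return max(len(m) for m in feedback.values())


# Move x2*x3 from f3 down to f2, where it becomes x1*x2 (terminal bit tau = 2).
GALOIS = shift_monomials(FIBONACCI, [(3, 2, (2, 3))])

if __name__ == "__main__":
    print("Galois feedback:", GALOIS)
    print("uniform (tau=2):", is_uniform(GALOIS, 2))
    print("same output sequences:", equivalent(FIBONACCI, GALOIS))
    print("terms on longest path: Fibonacci %d, Galois %d"
          % (max_terms_per_bit(FIBONACCI), max_terms_per_bit(GALOIS)))
```

Running it shows the two registers generate the same 16 output sequences, but the Galois form never XORs more than two terms into one bit, which is the shorter propagation delay the summary refers to. The brute-force prefix comparison is only feasible because the toy register is 4 bits wide; for a real design the Fibonacci form is what allows the output recurrence to be read directly off the top-bit feedback and analysed formally, which is exactly why the two configurations are combined.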

MSC:

94A60 Cryptography

References:

[1] Olsson, M., Cavdar, C., Frenger, P., Tombaz, S., Sabella, D., Jantti, R.: 5GrEEn: Towards green 5G mobile networks. In: Int. Conf. on Wireless and Mobile Computing, Networking and Communications, pp 212-216 (2013) · Zbl 1289.94056
[2] Ericsson White Paper: 5G radio access, June 2013. http://www.ericsson.com/res/docs/whitepapers/wp-5g.pdf
[3] Hell, M., Johansson, T., Maximov, A., Meier, W.: The Grain family of stream ciphers. In: New Stream Cipher Designs: The eSTREAM Finalists, LNCS 4986, pp 179-190 (2008)
[4] De Cannière, C., Preneel, B.: Trivium. In: New Stream Cipher Designs: The eSTREAM Finalists, LNCS 4986, pp 244-266 (2008) · Zbl 1285.94054
[5] Lidl, R., Niederreiter, H.: Introduction to Finite Fields and their Applications. Cambridge Univ. Press (1994) · Zbl 0820.11072
[6] Dubrova, E, A transformation from the Fibonacci to the Galois nlfsrs, IEEE Trans. Inf. Theory, 55, 5263-5271, (2009) · Zbl 1367.94287
[7] Schneier, B.: Applied cryptography (2nd ed.): protocols, algorithms, and source code in C. John Wiley & Sons, Inc., NY (1995) · Zbl 0789.94001
[8] Daemen, J., Rijmen, V.: AES proposal: Rijndael. National Institute of Standards and Technology (2003)
[9] Robshaw, M.: Stream ciphers, Tech. Rep. TR - 701 (1994)
[10] De Cannière, C., Dunkelman, O., Knežević, M.: KATAN and KTANTAN — a family of small and efficient hardware-oriented block ciphers. In: Cryptographic Hardware and Embedded Systems—CHES 2009, vol. 5747, pp 272-288. Springer (2009) · Zbl 1290.94060
[11] Guo, J., Peyrin, T., Poschmann, A., Robshaw, M.: The LED block cipher. In: Preneel, B., Takagi, T. (eds.) Cryptographic Hardware and Embedded Systems, CHES 2011. vol. 6917 of Lecture Notes in Computer Science, 326-341, Springer Berlin / Heidelberg (2011) · Zbl 1291.94092
[12] Gong, Z., Nikova, S., Law, Y.: KLEIN: A new family of lightweight block ciphers. In: Juels, A., Paar, C. (eds.) RFID. Security and Privacy. vol. 7055 of Lecture Notes in Computer Science, 1-18, Springer Berlin Heidelberg (2012)
[13] Bogdanov, A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M.J.B., Seurin, Y., Vikkelsoe, C.: PRESENT: An Ultra-Lightweight Block Cipher. In: Cryptographic Hardware and Embedded Systems—CHES 2007, vol. 4727 of Lecture Notes in Computer Science, 450-466, Springer Berlin Heidelberg (2007) · Zbl 1142.94334
[14] Shibutani, K., Isobe, T., Hiwatari, H., Mitsuda, A., Akishita, T., Shirai, T.: Piccolo: An ultra-lightweight blockcipher. In: Preneel, B., Takagi, T. (eds.) Cryptographic Hardware and Embedded Systems - CHES 2011. vol. 6917 of Lecture Notes in Computer Science, 342-357, Springer (2011) · Zbl 1291.94154
[15] Suzaki, T., Minematsu, K., Morioka, S., Kobayashi, E.: TWINE: A lightweight block cipher for multiple platforms. In: Knudsen, L., Wu, H. (eds.) Selected Areas in Cryptography—SAC 2012. vol. 7707 of Lecture Notes in Computer Science, pp. 339-354, Springer Berlin Heidelberg (2013) · Zbl 1327.94075
[16] Juels, A, RFID security and privacy: a research survey, IEEE J. Sel. Areas Commun., 24, 381-394, (2006)
[17] Borghoff, J., Canteaut, A., Güneysu, T., Kavun, E., Knezevic, M., Knudsen, L., Leander, G., Nikov, V., Paar, C., Rechberger, C., Rombouts, P., Thomsen, S., Yalçın, T.: PRINCE: a low-latency block cipher for pervasive computing applications. In: Wang, X., Sako, K. (eds.) Advances in Cryptology—ASIACRYPT 2012. vol. 7658 of Lecture Notes in Computer Science, pp. 208-225, Springer Berlin Heidelberg (2012) · Zbl 1292.94035
[18] Biham, E., Dunkelman, O.: Cryptanalysis of the A5/1 GSM stream cipher. In: INDOCRYPT ’00: Proceedings of the First International Conference on Progress in Cryptology, (London, UK), pp 43-51. Springer-Verlag (2000) · Zbl 0963.94019
[19] Tews, E., Weinmann, R.-P., Pyshkin, A.: Breaking 104-bit WEP in under a minute. Cryptology ePrint Archive, Report 2007/120 (2007). http://eprint.iacr.org/
[20] Golomb, S.: Shift Register Sequences. Aegean Park Press (1982) · Zbl 1152.94383
[21] Golic, J.: On the security of nonlinear filter generators. In: Gollmann, D. (ed.) Fast Software Encryption. vol. 1039 of Lecture Notes in Computer Science, pp. 173-188, Springer Berlin / Heidelberg (1996) · Zbl 1373.94916
[22] Braeken, A., Lano, J.: On the (im)possibility of practical and secure nonlinear filters and combiners. In: Proceedings of the 12th international conference on Selected Areas in Cryptography, SAC’05, (Berlin, Heidelberg), pp 159-174. Springer-Verlag (2006) · Zbl 1151.94486
[23] Cusick, T.W., Stǎnicǎ, P.: Cryptographic Boolean functions and applications. San Diego, CA, USA: Academic Press (2009)
[24] Dubrova, E.: A scalable method for constructing Galois NLFSRs with period 2^n − 1 using cross-join pairs. IEEE Trans. Inf. Theory, 1, 703-709 (2013) · Zbl 1364.94502
[25] Dubrova, E.: A method for generating full cycles by a composition of NLFSRs, Design, Codes and Cryptography (2012)
[26] Berbain, C., Gilbert, H., Maximov, A.: Cryptanalysis of Grain. In: Robshaw, M. (ed.) Fast Software Encryption 2006. vol. 4047 of Lecture Notes in Computer Science, pp. 15-29, Springer (2006) · Zbl 1234.68090
[27] Wagner, D.: A generalized birthday problem. In: Yung, M. (ed.) Advances in Cryptology—CRYPTO 2002. vol. 2442 of Lecture Notes in Computer Science, pp. 288-303, Springer (2002) · Zbl 1026.94541
[28] Golić, JD, Computation of low-weight parity check polynomials, Electron. Lett., 32, 1981-1982, (1996)
[29] Courtois, N., Meier, W.: Algebraic attacks on stream ciphers with linear feedback. In: Biham, E. (ed.) Advances in Cryptology—EUROCRYPT 2003. vol. 2656 of Lecture Notes in Computer Science, pp. 345-359, Springer (2003) · Zbl 1038.94525
[30] Armknecht, F., Krause, M.: Algebraic attacks on combiners with memory. In: Boneh, D. (ed.) Advances in Cryptology—CRYPTO 2003. vol. 2729 of Lecture Notes in Computer Science, pp. 162-176, Springer (2003) · Zbl 1122.94346
[31] Courtois, N., Klimov, A., Patarin, J., Shamir, A.: Efficient algorithms for solving overdefined systems of multivariate polynomial equations. In: Preneel, B. (ed.) Advances in Cryptology—EUROCRYPT 2003. vol. 1807 of Lecture Notes in Computer Science, pp. 392-407, Springer (2000) · Zbl 1082.94514
[32] Courtois, N., Pieprzyk, J.: Cryptanalysis of block ciphers with overdefined systems of equations. In: Zheng, Y. (ed.) Advances in Cryptology—ASIACRYPT 2002. vol. 2501 of Lecture Notes in Computer Science, pp. 267-287, Springer (2002) · Zbl 1065.94543
[33] Faugère, J.-C., Joux, A.: Algebraic cryptanalysis of Hidden Field Equation (HFE) cryptosystems using Gröbner bases. In: Boneh, D. (ed.) Advances in Cryptology—CRYPTO 2003. vol. 2729 of Lecture Notes in Computer Science, pp. 44-60, Springer (2003) · Zbl 1122.94371
[34] Meier, W., Pasalic, E., Carlet, C.: Algebraic attacks and decomposition of Boolean functions. In: Advances in Cryptology—EUROCRYPT 2004. vol. 3027 of Lecture Notes in Computer Science, pp. 474-491, Springer (2004) · Zbl 1122.94041
[35] Golić, J.: Cryptanalysis of alleged A5 stream cipher. In: Fumy, W. (ed.) Advances in Cryptology—EUROCRYPT 1997. vol. 1233 of Lecture Notes in Computer Science, pp. 239-255, Springer (1997)
[36] Babbage, S.: A space/time tradeoff in exhaustive search attacks on stream ciphers. In: European Convention on Security and Detection, no. 408 in IEE Conference Publication (1995)
[37] Biryukov, A., Shamir, A.: Cryptanalytic time/memory/data tradeoffs for stream ciphers. In: Okamoto, T. (ed.) Advances in Cryptology—ASIACRYPT 2000. vol. 1976 of Lecture Notes in Computer Science, pp. 1-13, Springer (2000) · Zbl 0980.94013
[38] Hong, J., Sarkar, P.: New applications of time memory data tradeoffs. In: Roy, B. (ed.) Advances in Cryptology—ASIACRYPT 2005. vol. 3788 of Lecture Notes in Computer Science, pp. 353-372, Springer (2005) · Zbl 1154.68395
[39] Hellman, M, A cryptanalytic time-memory trade-off, IEEE Trans. Inf. Theory, IT-26, 401-406, (1980) · Zbl 0436.94016
[40] Mihaljevic, M.J., Gangopadhyay, S., Paul, G., Imai, H.: Internal state recovery of Grain-v1 employing normality order of the filter function. IET Inf. Secur., 6, 55-64 (2012)
[41] Mihaljevic, M.J., Gangopadhyay, S., Paul, G., Imai, H.: Generic cryptographic weakness of k-normal Boolean functions in certain stream ciphers and cryptanalysis of Grain-128. Period. Math. Hung., 65, 205-227 (2012) · Zbl 1289.94056
[42] Bernstein, D.J.: Understanding brute force. eSTREAM, ECRYPT Stream Cipher Project, Report 2005/036 (2005). http://www.ecrypt.eu.org/stream
[43] Dinur, I., Shamir, A.: Cube Attacks on Tweakable Black Box Polynomials. In: Joux, A. (ed.) Advances in Cryptology—EUROCRYPT 2009. vol. 5479 of Lecture Notes in Computer Science, pp. 278-299, Springer (2009) · Zbl 1239.94045
[44] Vielhaber, M.: Breaking ONE.FIVIUM by AIDA an Algebraic IV Differential attack. Available at: http://eprint.iacr.org/2007/413/ (2007)
[45] Saarinen, M.-J.O.: Chosen-IV statistical attacks on eStream stream ciphers, Proc. Stream Ciphers Revisited (SASC’06) (2006)
[46] Stankovski, P.: Greedy distinguishers and nonrandomness detectors. In: Gong, G., Gupta, K.C. (eds.) Progress in Cryptology—INDOCRYPT 2010. vol. 6498 of Lecture Notes in Computer Science, pp. 210-226, Springer (2010) · Zbl 1294.94078
[47] Biham, E., Dunkelman, O.: Differential cryptanalysis in stream ciphers. Cryptology ePrint Archive, Report 2007/218 (2007). http://eprint.iacr.org/