Cryptanalysis of ARMADILLO2

Mohamed Ahmed Abdelraheem; Céline Blondeau; María Naya-Plasencia; Marion Videau; Erik Zenner

Paper 2011/160

Cryptanalysis of ARMADILLO2

Mohamed Ahmed Abdelraheem, Céline Blondeau, María Naya-Plasencia, Marion Videau, and Erik Zenner

Abstract

ARMADILLO2 is the recommended variant of a multi-purpose cryptographic primitive dedicated to hardware which has been proposed by Badel et al. in [1]. In this paper we propose a meet-in-the-middle technique that allows us to invert the ARMADILLO2 function. Using this technique we are able to perform a key recovery attack on ARMADILLO2 in FIL-MAC application mode. A variant of this attack can also be applied when ARMADILLO2 is used as a stream cipher in the PRNG application mode. Finally we propose a (second) preimage attack on its hashing application mode. All the cryptanalysis presented in this paper can be applied for any arbitrary bitwise permutations $σ_{0}$ and $σ_{1}$ used in the internal permutation.

Metadata

Available format(s): PDF
Publication info: Published elsewhere. Unknown where it was published
Keywords: ARMADILLO2 meet-in-the-middle key recovery attack preimage attack parallel matching
Contact author(s): maria naya plasencia @ gmail com
History: 2011-09-12: last of 4 revisions; 2011-03-31: received; See all versions
Short URL: https://ia.cr/2011/160
License: CC BY

BibTeX

@misc{cryptoeprint:2011/160,
      author = {Mohamed Ahmed Abdelraheem and Céline Blondeau and María Naya-Plasencia and Marion Videau and Erik Zenner},
      title = {Cryptanalysis of {ARMADILLO2}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2011/160},
      year = {2011},
      url = {https://eprint.iacr.org/2011/160}
}