Paper 2011/160

Cryptanalysis of ARMADILLO2

Mohamed Ahmed Abdelraheem, Céline Blondeau, María Naya-Plasencia, Marion Videau, and Erik Zenner

Abstract

ARMADILLO2 is the recommended variant of a multi-purpose cryptographic primitive dedicated to hardware, proposed by Badel et al. in [1]. In this paper we propose a meet-in-the-middle technique that allows us to invert the ARMADILLO2 function. Using this technique we are able to perform a key recovery attack on ARMADILLO2 in the FIL-MAC application mode. A variant of this attack can also be applied when ARMADILLO2 is used as a stream cipher in the PRNG application mode. Finally, we propose a (second) preimage attack on its hashing application mode. All the cryptanalysis presented in this paper applies to any arbitrary bitwise permutations $\sigma_0$ and $\sigma_1$ used in the internal permutation.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Unknown where it was published
Keywords
ARMADILLO2, meet-in-the-middle, key recovery attack, preimage attack, parallel matching
Contact author(s)
maria naya plasencia @ gmail com
History
2011-09-12: last of 4 revisions
2011-03-31: received
Short URL
https://ia.cr/2011/160
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2011/160,
      author = {Mohamed Ahmed Abdelraheem and Céline Blondeau and María Naya-Plasencia and Marion Videau and Erik Zenner},
      title = {Cryptanalysis of ARMADILLO2},
      howpublished = {Cryptology ePrint Archive, Paper 2011/160},
      year = {2011},
      note = {\url{https://eprint.iacr.org/2011/160}},
      url = {https://eprint.iacr.org/2011/160}
}