Paper 2015/131
On Lightweight Stream Ciphers with Shorter Internal States
Frederik Armknecht and Vasily Mikhalev
Abstract
To be resistant against certain time-memory-data-tradeoff (TMDTO) attacks, a common rule of thumb says that the internal state size of a stream cipher should be at least twice the security parameter. As memory gates are usually the most area- and power-consuming components, this implies a severe limitation with respect to possible lightweight implementations. In this work, we revisit this rule. We argue that a simple shift in the established design paradigm, namely to involve the fixed secret key not only in the initialization process but in the keystream generation phase as well, enables stream ciphers with smaller area size for two reasons. First, it improves the resistance against the mentioned TMDTO attacks, which allows smaller state sizes to be chosen. Second, one can make use of the fact that storing a fixed value (here: the key) requires less area size than realizing a register of the same length. We demonstrate the feasibility of this approach by describing and implementing a concrete stream cipher, Sprout, which uses significantly less area than comparable existing lightweight stream ciphers.
Note: Accepted to FSE-2015
Metadata
- Publication info
- Published by the IACR in FSE 2015
- Keywords
- Stream Ciphers, Lightweight Cryptography, Time-Memory-Data-Tradeoff Attacks
- Contact author(s)
- mikhalev @ uni-mannheim de
- History
- 2015-02-27: revised
- 2015-02-26: received
- Short URL
- https://ia.cr/2015/131
- License
- CC BY
BibTeX
@misc{cryptoeprint:2015/131,
  author = {Frederik Armknecht and Vasily Mikhalev},
  title = {On Lightweight Stream Ciphers with Shorter Internal States},
  howpublished = {Cryptology {ePrint} Archive, Paper 2015/131},
  year = {2015},
  url = {https://eprint.iacr.org/2015/131}
}