ARMADILLO: A Multi-purpose Cryptographic Primitive Dedicated to Hardware

This paper describes and analyzes the security of a general-purpose cryptographic function design, with application in RFID tags and sensor networks. Based on these analyses, we suggest minimum parameter values for the main components of this cryptographic function, called ARMADILLO. With a fully serial architecture, we obtain that 2923 GE could perform one compression function computation within 176 clock cycles, consuming 44 µW at a 1 MHz clock frequency. This could either authenticate a peer or hash 48 bits, or encrypt 128 bits on RFID tags. A better tradeoff would use 4030 GE, 77 µW of power and 44 cycles for the same, to hash (resp. encrypt) at a rate of 1.1 Mbps (resp. 2.9 Mbps). As other tradeoffs are proposed, we show that ARMADILLO offers competitive performance for hashing relative to a fair Figure Of Merit (FOM).
