New Light-Weight Crypto Algorithms for RFID

The authors propose a new block cipher, DESL (DES lightweight extension), which is strong, compact and efficient. Due to its low area constraints DESL is especially suited for RFID (radiofrequency identification) devices. DESL is based on the classical DES (data encryption standard) design, however, unlike DES it uses a single S-box repeated eight times. This approach makes it possible to considerably decrease chip size requirements. The S-box has been highly optimized in such a way that DESL resists common attacks, i.e., linear and differential cryptanalysis, and the Davies-Murphy-attack. Therefore DESL achieves a security level which is appropriate for many applications. Furthermore, we propose a light-weight implementation of DESL which requires 45% less chip size and 86% less clock cycles than the best AES implementations with regard to RFID applications. Compared to the smallest DES implementation published, our DESL design requires 38% less transistors. Our 0.18mum DESL implementation requires a chip size of 7392 transistors (1848 gate equivalences) and is capable to encrypt a 64-bit plaintext in 144 clock cycles. When clocked at 100 kHz, it draws an average current of only 0.89muA. These hardware figures are in the range of the best eSTREAM streamcipher candidates, comprising DESL as a new alternative for ultra low-cost encryption

[1]  Lars R. Knudsen Iterative Characteristics of DES and s²-DES , 1992, CRYPTO.

[2]  -. J. K. S. L. S. P. Dai-ki,et al.  DES can be Immune to Linear CryptanalysisKwang , 1994 .

[3]  R. Stephenson A and V , 1962, The British journal of ophthalmology.

[4]  Sean Murphy,et al.  Pairs and triplets of DES S-boxes , 2004, Journal of Cryptology.

[5]  Jongsung Kim,et al.  HIGHT: A New Block Cipher Suitable for Low-Resource Device , 2006, CHES.

[6]  Kwangjo Kim,et al.  Reconstruction of s2DES S-boxes and their Immunity to Differential Cryptanalysis , 1993 .

[7]  Eli Biham,et al.  How to Strengthen DES Using Existing Hardware , 1994, ASIACRYPT.

[8]  Vincent Rijmen,et al.  AES implementation on a grain of sand , 2005 .

[9]  Vincent Rijmen,et al.  The Design of Rijndael , 2002, Information Security and Cryptography.

[10]  Ralph Howard,et al.  Data encryption standard , 1987 .

[11]  Christof Paar,et al.  Breaking Ciphers with COPACOBANA - A Cost-Optimized Parallel Code Breaker , 2006, CHES.

[12]  D. Chaum,et al.  Di(cid:11)erential Cryptanalysis of the full 16-round DES , 1977 .

[13]  Kwangjo Kim,et al.  Securing DES S-boxes against Three Robust Cryptanalysis , 1995 .

[14]  J. Vandewalle,et al.  Security and Performance Optimization of a new DES data encryption chip , 1987, ESSCIRC '87: 13th European Solid-State Circuits Conference.

[15]  Akashi Satoh,et al.  A Compact Rijndael Hardware Architecture with S-Box Optimization , 2001, ASIACRYPT.

[16]  T. Good,et al.  Hardware results for selected stream cipher candidates , 2007 .

[17]  Don Coppersmith,et al.  The Data Encryption Standard (DES) and its strength against attacks , 1994, IBM J. Res. Dev..

[18]  L. Knudsen Iterative Characteristics of DES and S^2-DES , 1993 .