A Lightweight Stream Cipher WG-7 for RFID Encryption and Authentication

The family of WG stream ciphers has good randomness properties. In this paper, we parameterize the WG-7 stream cipher for RFID tags, where the modest computation/storage capabilities and the necessity to keep their prices low present a challenging problem that goes beyond well-studied cryptography. The rigorous security analysis of WG-7 indicates that it is secure against time/memory/data trade-off attacks, differential attacks, algebraic attacks, correlation attacks and Discrete Fourier Transform (DFT) attacks. Furthermore, we offer an efficient implementation of WG-7 on the 4-bit microcontroller ATAM893-D and the 8-bit microcontroller ATmega8 from Atmel. The experimental results show that WG-7 outperforms most previous proposals in terms of throughput and implementation complexity. Moreover, we propose a mutual authentication protocol based on WG-7, which provides untraceability and resistance to tag impersonation and reader impersonation. With its verified cryptographic properties, low implementation complexity and ideal throughput, WG-7 is a promising candidate for RFID applications.
