International Workshop on Fast Software Encryption

FSE 2011: Fast Software Encryption pp 328-341

Cryptanalysis of Hummingbird-1

  • Markku-Juhani O. Saarinen
Conference paper

DOI: 10.1007/978-3-642-21702-9_19

Volume 6733 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Saarinen MJ.O. (2011) Cryptanalysis of Hummingbird-1. In: Joux A. (eds) Fast Software Encryption. FSE 2011. Lecture Notes in Computer Science, vol 6733. Springer, Berlin, Heidelberg


Hummingbird-1 is a lightweight encryption and message authentication primitive published in RISC ’09 and WLC ’10. Hummingbird-1 utilizes a 256-bit secret key and a 64-bit IV. We report a chosen-IV, chosen-message attack that can recover the full secret key with a few million chosen messages processed under two related IVs. The attack requires at most 264 off-line computational effort. The attack has been implemented and demonstrated to work against a real-life implementation of Hummingbird-1. By attacking the differentially weak E component, the overall attack complexity can be reduced by a significant factor. Our cryptanalysis is based on a differential divide-and-conquer method with some novel techniques that are uniquely applicable to ciphers of this type.


Hummingbird cipherconstrained deviceslightweight cryptographystream cipher cryptanalysis
Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Markku-Juhani O. Saarinen
    • 1
  1. 1.Revere SecurityAddisonUSA