Cryptanalysis of Hummingbird-1

  • Markku-Juhani O. Saarinen
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6733)


Hummingbird-1 is a lightweight encryption and message authentication primitive published in RISC ’09 and WLC ’10. Hummingbird-1 utilizes a 256-bit secret key and a 64-bit IV. We report a chosen-IV, chosen-message attack that can recover the full secret key with a few million chosen messages processed under two related IVs. The attack requires at most 264 off-line computational effort. The attack has been implemented and demonstrated to work against a real-life implementation of Hummingbird-1. By attacking the differentially weak E component, the overall attack complexity can be reduced by a significant factor. Our cryptanalysis is based on a differential divide-and-conquer method with some novel techniques that are uniquely applicable to ciphers of this type.


Hummingbird cipher constrained devices lightweight cryptography stream cipher cryptanalysis 


  1. 1.
    Anderson, R., Biham, E., Knudsen, L.: Serpent: A Proposal for the Advanced Encryption Standard (1999),
  2. 2.
    Fan, X., Hu, H., Gong, G., Smith, E.M., Engels, D.: Lightweight Implementation of Hummingbird Cryptographic Algorithm on 4-Bit Microcontroller. In: The 1st International Workshop on RFID Security and Cryptography 2009 (RISC 2009), pp. 838–844 (2009)Google Scholar
  3. 3.
    Ferguson, N., Whiting, D., Schneier, B., Kelsey, J., Lucks, S., Kohno, T.: Helix: Fast encryption and authentication in a single cryptographic primitive. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 330–346. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  4. 4.
    Engels, D., Fan, X., Gong, G., Hu, H., Smith, E.M.: Ultra-Lightweight Cryptography for Low-Cost RFID Tags: Hummingbird Algorithm and Protocol. Centre for Applied Cryptographic Research (CACR) Technical Reports, CACR-2009-29,
  5. 5.
    Engels, D., Fan, X., Gong, G., Hu, H., Smith, E.M.: Hummingbird: Ultra-Lightweight Cryptography for Resource-Constrained Devices. In: 1st International Workshop on Lightweight Cryptography for Resource-Constrained Devices (WLC 2010), Tenerife, Canary Islands, Spain (January 2010)Google Scholar
  6. 6.
    Frazer, R. (ed.): An Analysis of the Hummingbird Cryptographic Algorithm. Commercial security analysis report by Information Security Systems Inc., April 26 (2009),
  7. 7.
    Revere Security. Web page and infomation on the Hummingbird cipher. Fetched November 03 (2010),
  8. 8.
    Muller, F.: Differential Attacks against the Helix Stream Cipher. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 94–108. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  9. 9.
    Smith, E.M.: Personal Communication, July 7 (2010)Google Scholar
  10. 10.
    Whiting, D., Schneier, B., Lucks, S., Muller, F.: Phelix – Fast Encryption and Authentication in a Single Cryptographic Primitive. ECRYPT Stream Cipher Project Report 2005/027 (2005),

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Markku-Juhani O. Saarinen
    • 1
  1. 1.Revere SecurityAddisonUSA

Personalised recommendations