KLEIN: A New Family of Lightweight Block Ciphers

  • Zheng Gong
  • Svetla Nikova
  • Yee Wei Law
Part of the Lecture Notes in Computer Science book series (volume 7055)


Resource-efficient cryptographic primitives are essential for realizing both security and efficiency in embedded systems like RFID tags and sensor nodes. Among those primitives, lightweight block cipher plays a major role as a building block for security protocols. In this paper, we describe a new family of lightweight block ciphers named KLEIN, which is designed for resource-constrained devices such as wireless sensors and RFID tags. Compared to related proposals, KLEIN has advantage in the software performance on legacy sensor platforms, while its hardware implementation can be compact as well.


Wireless Sensor Network Block Cipher Branch Number Differential Attack Maximum Distance Separable 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Biham, E., Biryukov, A., Shamir, A.: Cryptanalysis of Skipjack Reduced to 31 Rounds Using Impossible Differentials. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 12–23. Springer, Heidelberg (1999)Google Scholar
  2. 2.
    Bilgin, B., Kavun, E.B., Yalcin, T.: Towards an Ultra Lightweight Crypto Processor. In: Workshop on Lightweight Security & Privacy: Devices, Protocols, and Applications (Lightsec 2011), pp. 76–83. IEEE CS, Los Alamitos (2011)CrossRefGoogle Scholar
  3. 3.
    Bogdanov, A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M.J.B., Seurin, Y., Vikkelsoe, C.: PRESENT: An Ultra-Lightweight Block Cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  4. 4.
    Bogdanov, A., Leander, G., Paar, C., Poschmann, A., Robshaw, M.J.B., Seurin, Y.: Hash Functions and RFID tags: Mind the Gap. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 283–299. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  5. 5.
    Bogdanov, A., Rechberger, C.: A 3-Subset Meet-in-the-Middle Attack: Cryptanalysis of the Lightweight Block Cipher KTANTAN. In: Biryukov, A., Gong, G., Stinson, D.R. (eds.) SAC 2010. LNCS, vol. 6544, pp. 229–240. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  6. 6.
    De Cannière, C., Dunkelman, O., Knežević, M.: KATAN and KTANTAN — A family of Small and Efficient Hardware-Oriented Block Ciphers. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 272–288. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  7. 7.
    Chipcon: CC2420: 2.4 GHz IEEE 802.15.4/Zigbee-ready RF transceiver,
  8. 8.
    Cho, J.Y.: Linear Cryptanalysis of Reduced-Round PRESENT. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 302–317. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  9. 9.
    Collard, B., Standaert, F.-X.: A Statistical Saturation Attack Against The Block Cipher PRESENT. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 195–210. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  10. 10.
  11. 11.
  12. 12.
    Daemen, J., Knudsen, L.R., Rijmen, V.: Linear Frameworks for Block Ciphers. Designs, Codes and Cryptography 22(1), 65–87 (2001)CrossRefzbMATHMathSciNetGoogle Scholar
  13. 13.
    Daemen, J., Peeters, M., Van Assche, G., Rijmen, V.: The NOEKEON Block Cipher. The NESSIE Proposal (2000)Google Scholar
  14. 14.
    Daemen, J., Rijmen, V.: The Design of Rijndael: AES - The Advanced Encryption Standard. Springer, Heidelberg (2002)zbMATHGoogle Scholar
  15. 15.
    Daemen, J., Rijmen, V.: A New MAC Construction ALRED and A Specific Instance ALPHA-MAC. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 1–17. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  16. 16.
    Daemen, J., Rijmen, V.: New Criteria for Linear Maps in AES-Like Ciphers. Cryptography and Communications 1(1), 47–69 (2009)CrossRefzbMATHMathSciNetGoogle Scholar
  17. 17.
    Dinur, I., Shamir, A.: Cube Attacks on Tweakable Black Box Polynomials. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 278–299. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  18. 18.
    Engels, D., Fan, X., Gong, G., Hu, H., Smith, E.M.: Hummingbird: Ultra-Lightweight Cryptography for Resource-Constrained Devices. In: Sion, R., Curtmola, R., Dietrich, S., Kiayias, A., Miret, J.M., Sako, K., Sebé, F. (eds.) RLCPS, WECSR, and WLC 2010. LNCS, vol. 6054, pp. 3–18. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  19. 19.
    Eriksson, J., Dunkels, A., Finne, N., Österlind, F., Voigt, T.: MSPsim - An Extensible Simulator for MSP430-Equipped Sensor Boards. In: Proceedings of the European Conference on Wireless Sensor Networks (EWSN), Poster/Demo Session, Delft, The Netherlands (January 2007)Google Scholar
  20. 20.
    Feldhofer, M., Wolkerstorfer, J., Rijmen, V.: AES Implementation on a Grain of Sand. IEEE Proceedings on Information Security 152(1), 13–20 (2005)CrossRefGoogle Scholar
  21. 21.
    Gong, Z., Hartel, P., Nikova, S., Zhu, B.: Towards Secure and Practical MACs for Body Sensor Networks. In: Roy, B.K., Sendrier, N. (eds.) INDOCRYPT 2009. LNCS, vol. 5922, pp. 182–198. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  22. 22.
    Hong, D., Sung, J., Hong, S., Lim, J., Lee, S., Koo, B., Lee, C., Chang, D., Lee, J., Jeong, K., Kim, H., Kim, J., Chee, S.: HIGHT: A New Block Cipher Suitable for Low-Resource Device. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 46–59. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  23. 23.
    Granboulan, L.: Flaws in Differential Cryptanalysis of Skipjack. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 328–335. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  24. 24.
    Hamalainen, P., Alho, T., Hannikainen, M., Hamalainen, T.D.: Design and Implementation of Low-Area and Low-Power AES Encryption Hardware Core. In: DSD 2006: Proceedings of the 9th EUROMICRO Conference on Digital System Design, pp. 577–583. IEEE Computer Society, Washington, DC, USA (2006)CrossRefGoogle Scholar
  25. 25.
    Healy, M., Newe, T., Lewis, E.: Analysis of Hardware Encryption Versus Software Encryption on Wireless Sensor Network Motes. In: Mukhopadhyay, S.C., Gupta, G.S. (eds.) Smart Sensors and Sensing Technology 2008. LNEE, vol. 20, pp. 3–14. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  26. 26.
    Juels, A., Weis, S.A.: Authenticating Pervasive Devices with Human Protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293–308. Springer, Heidelberg (2005)Google Scholar
  27. 27.
    Knudsen, L.R., Leander, G., Poschmann, A., Robshaw, M.J.B.: PRINTCipher: A Block Cipher for IC-Printing. In: Mangard and Standaert [37], pp. 16–32Google Scholar
  28. 28.
    Knudsen, L.R., Raddum, H.: On NOEKEON. The NESSIE Report (April 2001)Google Scholar
  29. 29.
    Knudsen, L.R., Robshaw, M.J.B., Wagner, D.: Truncated Differentials and Skipjack. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 165–180. Springer, Heidelberg (1999)Google Scholar
  30. 30.
    Knudsen, L.R., Wagner, D.: Integral Cryptanalysis. In: Daemen, J., Rijmen, V. (eds.) FSE 2002. LNCS, vol. 2365, pp. 112–127. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  31. 31.
    Könighofer, R.: A Fast and Cache-Timing Resistant Implementation of the AES. In: Malkin, T. (ed.) CT-RSA 2008. LNCS, vol. 4964, pp. 187–202. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  32. 32.
    Law, Y.W., Doumen, J., Hartel, P.H.: Survey and Benchmark of Block Ciphers for Wireless Sensor Networks. ACM Trans. Sen. Netw. 2(1), 65–93 (2006)CrossRefGoogle Scholar
  33. 33.
    Leander, G., Paar, C., Poschmann, A., Schramm, K.: New Lightweight DES Variants. In: Biryukov, A. (ed.) FSE 2007. LNCS, vol. 4593, pp. 196–210. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  34. 34.
    Lim, C.H.: A Revised Version of CRYPTON - CRYPTON V1.0. In: Knudsen, L.R. (ed.) FSE 1999. LNCS, vol. 1636, pp. 31–45. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  35. 35.
    Lim, C.H., Korkishko, T.: mCrypton – A Lightweight Block Cipher for Security of Low-Cost RFID Tags and Sensors. In: Song, J., Kwon, T., Yung, M. (eds.) WISA 2005. LNCS, vol. 3786, pp. 243–258. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  36. 36.
    Mangard, S., Popp, T., Gammel, B.M.: Side-Channel Leakage of Masked CMOS Gates. In: Menezes, A.J. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 351–365. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  37. 37.
    Mangard, S., Standaert, F.X. (eds.): CHES 2010. LNCS, vol. 6225. Springer, Heidelberg (2010)zbMATHGoogle Scholar
  38. 38.
    Matsui, M.: New Structure of Block Ciphers with Provable Security against Differential and Linear Cryptanalysis. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol. 1039, pp. 205–218. Springer, Heidelberg (1996)Google Scholar
  39. 39.
    Moradi, A., Poschmann, A.: Lightweight Cryptography and DPA Countermeasures: A Survey. In: Sion, R., Curtmola, R., Dietrich, S., Kiayias, A., Miret, J.M., Sako, K., Sebé, F. (eds.) RLCPS, WECSR, and WLC 2010. LNCS, vol. 6054, pp. 68–79. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  40. 40.
    Moradi, A., Poschmann, A., Ling, S., Paar, C., Wang, H.: Pushing the Limits: A Very Compact and a Threshold Implementation of AES. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 69–88. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  41. 41.
    Nikova, S., Rijmen, V., Schläffer, M.: Secure Hardware Implementation of Non-Linear Functions in the Presence of Glitches. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 218–234. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  42. 42.
    NIST. Skipjack and KEA algorithm Specifications (version 2.0). NIST online document (May 1998),
  43. 43.
    Ohkuma, K.: Weak Keys of Reduced-Round PRESENT for Linear Cryptanalysis, pp. 249–265. Springer, Heidelberg (2009)Google Scholar
  44. 44.
    Özen, O., Varıcı, K., Tezcan, C., Kocair, Ç.: Lightweight Block Ciphers Revisited: Cryptanalysis of Reduced Round PRESENT and HIGHT. In: Boyd, C., González Nieto, J. (eds.) ACISP 2009. LNCS, vol. 5594, pp. 90–107. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  45. 45.
    Paar, C., Poschmann, A., Robshaw, M.: New Designs in Lightweight Symmetric Encryption. In: Kitsos, P., Zhang, Y. (eds.) RFID Security: Techniques, Protocols and System-on-Chip Design, pp. 349–371. Springer, Heidelberg (2008)Google Scholar
  46. 46.
    Phan, R.C.W.: Cryptanalysis of Full Skipjack Block Cipher. Electronic Letters, 69–71 (2002)Google Scholar
  47. 47.
    Poschmann, A.: Lightweight Cryptography - Cryptographic Engineering for a PervasiveWorld. PhD thesis, Ruhr-University Bochum, Germany (2009)Google Scholar
  48. 48.
    Poschmann, A., Ling, S., Wang, H.: 256 Bit Standardized Crypto for 650 Ge - Gost Revisited. In: Mangard and Standaert [37], pp. 219–233Google Scholar
  49. 49.
    Rolfes, C., Poschmann, A., Leander, G., Paar, C.: Ultra-Lightweight Implementations for Smart Devices – Security for 1000 Gate Equivalents. In: Grimaud, G., Standaert, F.-X. (eds.) CARDIS 2008. LNCS, vol. 5189, pp. 89–103. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  50. 50.
    Saarinen, M.J.O.: Cryptanalysis of Hummingbird-1. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 328–341. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  51. 51.
    Satoh, A., Morioka, S., Takano, K., Munetoh, S.: A Compact Rijndael Hardware Architecture with S-Box Optimization. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 239–254. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  52. 52.
    Standaert, F.X., Piret, G., Gershenfeld, N., Quisquater, J.J.: SEA: A Scalable Encryption Algorithm for Small Embedded Applications. In: Domingo-Ferrer, J., Posegga, J., Schreckling, D. (eds.) CARDIS 2006. LNCS, vol. 3928, pp. 222–236. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  53. 53.
    Zhu, B.: The Standalone AES Encryption of CC2420 (TinyOS 2.10 and MICAz) (December 2008),

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Zheng Gong
    • 1
  • Svetla Nikova
    • 2
    • 3
  • Yee Wei Law
    • 4
  1. 1.School of Computer ScienceSouth China Normal UniversityChina
  2. 2.Faculty of EWIUniversity of TwenteThe Netherlands
  3. 3.Dept. ESAT/SCD-COSICKatholieke Universiteit LeuvenBelgium
  4. 4.Department of EEEThe University of MelbourneAustralia

Personalised recommendations