The Hummingbird-2 Lightweight Authenticated Encryption Algorithm

  • Daniel Engels
  • Markku-Juhani O. Saarinen
  • Peter Schweitzer
  • Eric M. Smith
Part of the Lecture Notes in Computer Science book series (volume 7055)


Hummingbird-2 is an encryption algorithm with a 128-bit secret key and a 64-bit initialization vector. Hummingbird-2 optionally produces an authentication tag for each message processed. Like it’s predecessor Hummingbird-1, Hummingbird-2 has been targeted for low-end microcontrollers and for hardware implementation in lightweight devices such as RFID tags and wireless sensors. Compared to the previous version of the cipher, and in response to extensive analysis, the internal state has been increased to 128 bits and a flow of entropy from the state to the mixing function has been improved. In this paper we present the Hummingbird-2 algorithm, its design and security arguments, performance analysis on both software and hardware platforms, and timing analysis in relation to the ISO 18000-6C protocol.


Hummingbird cipher constrained devices lightweight cryptography ISO 18000-6C 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Anderson, R., Biham, E., Knudsen, L.: Serpent: A Proposal for the Advanced Encryption Standard (1999),
  2. 2.
    Biryukov, A., De Cannière, C., Quisquater, M.: On Multiple Linear Approximations. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 1–22. Springer, Heidelberg (2004)Google Scholar
  3. 3.
    Biham, E., Shamir, A.: Differential Cryptanalysis of DES-like Cryptosystems. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 2–21. Springer, Heidelberg (1991)Google Scholar
  4. 4.
    Biham, E., Shamir, A.: Differential Cryptanalysis of the Data Encryption Standard. Springer, Heidelberg (1993)Google Scholar
  5. 5.
    De Cannière, C., Dunkelman, O., Knežević, M.: KATAN and KTANTAN — A Family of Small and Efficient Hardware-Oriented Block Ciphers. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 272–288. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  6. 6.
    Dinur, I., Shamir, A.: Cube Attacks on Tweakable Black Box Polynomials. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 278–299. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  7. 7.
    Dworkin, M.: Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC. In: NIST Special Publication 800-38D (2007)Google Scholar
  8. 8.
    Fan, X., Hu, H., Gong, G., Smith, E.M., Engels, D.: Lightweight Implementation of Hummingbird Cryptographic Algorithm on 4-Bit Microcontroller. In: The 1st International Workshop on RFID Security and Cryptography 2009 (RISC 2009), pp. 838–884. Springer, Heidelberg (2009)Google Scholar
  9. 9.
    Ferguson, N., Whiting, D., Schneier, B., Kelsey, J., Lucks, S., Kohno, T.: Helix: Fast Encryption and Authentication in a Single Cryptographic Primitive. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 330–346. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  10. 10.
    Engels, D., Fan, X., Gong, G., Hu, H., Smith, E.M.: Ultra-Lightweight Cryptography for Low-Cost RFID Tags: Hummingbird Algorithm and Protocol. Centre for Applied Cryptographic Research (CACR) Technical Reports, CACR-2009-29 (2009),
  11. 11.
    Engels, D., Fan, X., Gong, G., Hu, H., Smith, E.M.: Hummingbird: Ultra-Lightweight Cryptography for Resource-Constrained Devices. In: Sion, R., Curtmola, R., Dietrich, S., Kiayias, A., Miret, J.M., Sako, K., Sebé, F. (eds.) RLCPS, WECSR, and WLC 2010. LNCS, vol. 6054, pp. 3–18. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  12. 12.
    International Standardization Organization. ISO/IEC 18000-6:2010. Information technology – Radio frequency identification for item management – Part 6: Parameters for air interface communications at 860 MHz to 960 MHzGoogle Scholar
  13. 13.
    Good, T., Benaissa, M.: Hardware results for selected stream cipher candidates. eStream, ECRYPT Stream Cipher Project Report 2007/023. In: Proceedings of SASC 2007 (2007)Google Scholar
  14. 14.
    Leander, G., Poschmann, A.: On the Classification of 4 Bit S-Boxes. In: Carlet, C., Sunar, B. (eds.) WAIFI 2007. LNCS, vol. 4547, pp. 159–176. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  15. 15.
    Matsui, M.: Linear Cryptanalysis Method for DES Cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994)Google Scholar
  16. 16.
    Muller, F.: Differential Attacks Against the Helix Stream Cipher. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 94–108. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  17. 17.
    National Institute of Standards and Technology. The Advanced Encryption Standard (AES). FIPS Publication 197, U.S. DoC/NIST (2001)Google Scholar
  18. 18.
    Poschmann, A.: Lightweight Cryptography - Cryptographic Engineering for a Pervasive World. PhD Thesis. Europaeischer Universitaetsverlag, in the IT-Security series, no 8. Also available as IACR ePrint 2009/516 (2009) ISBN 978-3899663419Google Scholar
  19. 19.
    Saarinen, M.-J.O.: d-Monomial Tests are Effective Against Stream Ciphers. In: State of the Art in Stream Ciphers (SASC) 2006. Workshop Record, K.U. Leuven (2006)Google Scholar
  20. 20.
    Saarinen, M.-J.O.: Cryptanalysis of Hummingbird-1. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 328–341. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  21. 21.
    Saarinen, M.-J.O.: Cryptographic Analysis of All 4 ×4 - Bit S-Boxes. In: Selected Areas in Cryptography (SAC) 2011, Toronto, Ontario, Canada, August 11-12 (2011)Google Scholar
  22. 22.
    Whiting, D., Schneier, B., Lucks, S., Muller, F.: Phelix – Fast Encryption and Authentication in a Single Cryptographic Primitive. In: ECRYPT Stream Cipher Project Report 2005/027 (2005),

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Daniel Engels
    • 1
  • Markku-Juhani O. Saarinen
    • 1
  • Peter Schweitzer
    • 1
  • Eric M. Smith
    • 1
  1. 1.Revere SecurityAddisonUSA

Personalised recommendations