PRINCE – A Low-Latency Block Cipher for Pervasive Computing Applications

Extended Abstract
  • Julia Borghoff
  • Anne Canteaut
  • Tim Güneysu
  • Elif Bilge Kavun
  • Miroslav Knezevic
  • Lars R. Knudsen
  • Gregor Leander
  • Ventzislav Nikov
  • Christof Paar
  • Christian Rechberger
  • Peter Rombouts
  • Søren S. Thomsen
  • Tolga Yalçın
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7658)

Abstract

This paper presents a block cipher that is optimized with respect to latency when implemented in hardware. Such ciphers are desirable for many future pervasive applications with real-time security needs. Our cipher, named PRINCE, allows encryption of data within one clock cycle with a very competitive chip area compared to known solutions. The fully unrolled fashion in which such algorithms need to be implemented calls for innovative design choices. The number of rounds must be moderate and rounds must have short delays in hardware. At the same time, the traditional need for a cipher to be iterative with very similar round functions disappears, an observation that increases the design space for the algorithm. An important further requirement is that realizing decryption in addition to encryption results in minimum additional cost. PRINCE is designed in such a way that the overhead for decryption on top of encryption is negligible. More precisely, for our cipher it holds that decryption for one key corresponds to encryption with a related key. This property, which we refer to as α-reflection, is of independent interest, and we prove its soundness against generic attacks.
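A toy illustration of the α-reflection property described in the abstract (an added example, not code from the paper and not PRINCE itself). The S-box, rotation amounts, round constants, round count and the ALPHA value are constructed assumptions; the point is that mirroring round constants so that RC[i] ⊕ RC[last−i] = ALPHA around an involutive middle layer makes decryption under k equal to encryption under k ⊕ ALPHA.

```python
import random

MASK = (1 << 64) - 1
ALPHA = 0x0123456789ABCDEF   # constructed constant, NOT the alpha of PRINCE
ROUNDS = 3                   # toy number of rounds on each side of the middle

# Constructed 4-bit S-box (a permutation of 0..15) and its inverse.
SBOX = [0x6, 0xB, 0x0, 0x9, 0xE, 0x3, 0xC, 0x5,
        0xA, 0x1, 0xF, 0x8, 0x4, 0xD, 0x2, 0x7]
SBOX_INV = [SBOX.index(v) for v in range(16)]

# Round constants: the second half mirrors the first half XOR ALPHA,
# so RC[i] ^ RC[2*ROUNDS + 1 - i] == ALPHA for every i.
_rng = random.Random(2012)
_half = [_rng.getrandbits(64) for _ in range(ROUNDS + 1)]
RC = _half + [c ^ ALPHA for c in reversed(_half)]

def sub(x, box):
    """Apply a 4-bit S-box to each of the 16 nibbles of x."""
    return sum(box[(x >> s) & 0xF] << s for s in range(0, 64, 4))

def rotl(x, n):
    """64-bit left rotation: the toy linear layer (rotl 44 undoes rotl 20)."""
    return ((x << n) | (x >> (64 - n))) & MASK

def middle(x):
    """S^-1 . M' . S with M' = swap of 32-bit halves: an involution."""
    return sub(rotl(sub(x, SBOX), 32), SBOX_INV)

def encrypt(k, x):
    x ^= k ^ RC[0]
    for i in range(1, ROUNDS + 1):                 # forward rounds
        x = rotl(sub(x, SBOX), 20) ^ k ^ RC[i]
    x = middle(x)
    for i in range(ROUNDS + 1, 2 * ROUNDS + 1):    # inverse-shaped rounds
        x = sub(rotl(x ^ k ^ RC[i], 44), SBOX_INV)
    return x ^ k ^ RC[2 * ROUNDS + 1]

def decrypt(k, y):
    """Step-by-step inverse of encrypt, written out independently."""
    y ^= k ^ RC[2 * ROUNDS + 1]
    for i in range(2 * ROUNDS, ROUNDS, -1):
        y = rotl(sub(y, SBOX), 20) ^ k ^ RC[i]
    y = middle(y)
    for i in range(ROUNDS, 0, -1):
        y = sub(rotl(y ^ k ^ RC[i], 44), SBOX_INV)
    return y ^ k ^ RC[0]

def reflection_holds(trials=200, seed=1):
    """True if decrypt(k, c) == encrypt(k ^ ALPHA, c) on random inputs."""
    rng = random.Random(seed)
    pairs = [(rng.getrandbits(64), rng.getrandbits(64)) for _ in range(trials)]
    return all(decrypt(k, c) == encrypt(k ^ ALPHA, c) for k, c in pairs)
```

In hardware terms, the same unrolled datapath serves both directions: only the key input changes, which is the negligible decryption overhead the abstract refers to.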

Keywords

Block Cipher, Stream Cipher, Gate Count, Generic Attack, Gate Equivalence
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© International Association for Cryptologic Research 2012

Authors and Affiliations

  • Julia Borghoff (1)
  • Anne Canteaut (1, 2)
  • Tim Güneysu (3)
  • Elif Bilge Kavun (3)
  • Miroslav Knezevic (4)
  • Lars R. Knudsen (1)
  • Gregor Leander (1)
  • Ventzislav Nikov (4)
  • Christof Paar (3)
  • Christian Rechberger (1)
  • Peter Rombouts (4)
  • Søren S. Thomsen (1)
  • Tolga Yalçın (3)

  1. Technical University of Denmark, Denmark
  2. INRIA, France
  3. Ruhr-University Bochum, Germany
  4. NXP Semiconductors, Leuven, Belgium