Piccolo: An Ultra-Lightweight Blockcipher

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNCS, volume 6917)

Abstract

We propose a new 64-bit blockcipher, Piccolo, supporting 80- and 128-bit keys. Adopting several novel design and implementation techniques, Piccolo achieves both high security and a notably compact hardware implementation. We show that Piccolo offers a sufficient security level against known analyses, including recent related-key differential attacks and meet-in-the-middle attacks. In our smallest implementation, the hardware requirements for the 80-bit and 128-bit key modes are only 683 and 758 gate equivalents, respectively. Moreover, Piccolo requires only 60 additional gate equivalents to support the decryption function, due to its involution structure. Furthermore, its energy efficiency, evaluated as energy per bit, is also remarkable. Thus, Piccolo is one of the competitive ultra-lightweight blockciphers suitable for extremely constrained environments such as RFID tags and sensor nodes.

Keywords

  • blockcipher
  • generalized Feistel networks
  • related-key differential attacks
  • meet-in-the-middle attacks
  • ultra-lightweight

Copyright information

© 2011 International Association for Cryptologic Research

About this paper

Cite this paper

Shibutani, K., Isobe, T., Hiwatari, H., Mitsuda, A., Akishita, T., Shirai, T. (2011). Piccolo: An Ultra-Lightweight Blockcipher. In: Preneel, B., Takagi, T. (eds) Cryptographic Hardware and Embedded Systems – CHES 2011. CHES 2011. Lecture Notes in Computer Science, vol 6917. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-23951-9_23

  • DOI: https://doi.org/10.1007/978-3-642-23951-9_23

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-23950-2

  • Online ISBN: 978-3-642-23951-9

  • eBook Packages: Computer Science, Computer Science (R0)