Cryptanalysis of ARMADILLO2

Abstract : ARMADILLO2 is the recommended variant of a multi-purpose cryptographic primitive dedicated to hardware which has been proposed by Badel et al. in [1]. In this paper we propose a meet-in-the-middle technique that allows us to invert the ARMADILLO2 function. Using this technique we are able to perform a key recovery attack on ARMADILLO2 in FIL-MAC application mode. A variant of this attack can also be applied when ARMADILLO2 is used as a stream cipher in the PRNG application mode. Finally we propose a (second) preimage attack on its hashing application mode. We have validated our attacks by implementing cryptanalysis on scaled variants that match the theoretical predicted complexities. All the cryptanalysis presented in this paper can be applied for any arbitrary bitwise permutations $σ_0$ and $σ_1$ used in the internal permutation.
Document type :
Conference papers
Complete list of metadatas

Cited literature [6 references]  Display  Hide  Download

https://hal.inria.fr/inria-00619236
Contributor : Marion Videau <>
Submitted on : Wednesday, February 29, 2012 - 8:28:10 PM
Last modification on : Tuesday, December 18, 2018 - 4:18:25 PM
Long-term archiving on : Friday, November 23, 2012 - 4:11:33 PM

File

Armadillov2.pdf
Files produced by the author(s)

Identifiers

Citation

Mohamed Ahmed Abdelraheem, Céline Blondeau, Maria Naya-Plasencia, Marion Videau, Erik Zenner. Cryptanalysis of ARMADILLO2. Advances in cryptology - ASIACRYPT 2011, Dec 2011, Séoul, South Korea. pp.308-326, ⟨10.1007/978-3-642-25385-0⟩. ⟨inria-00619236⟩

Share

Metrics

Record views

473

Files downloads

226