Abstract
ARMADILLO2 is the recommended variant of a multi-purpose cryptographic primitive dedicated to hardware, proposed by Badel et al. in [1]. In this paper, we describe a meet-in-the-middle technique relying on the parallel matching algorithm that allows us to invert the ARMADILLO2 function. This makes it possible to perform a key recovery attack when it is used as a FIL-MAC. A variant of this attack can also be applied to the stream cipher derived from the PRNG mode. Finally, we propose a (second) preimage attack when it is used as a hash function. We have validated our attacks by implementing the cryptanalysis on scaled variants; the experimental results match the theoretical complexities.

In addition to these attacks, we present a generalization of the parallel matching algorithm, which can be applied in a broader context than attacking ARMADILLO2.
| Original language | English |
|---|---|
| Title of host publication | Advances in Cryptology |
| Editors | Dong Hoon Lee, Xiaoyun Wang |
| Publisher | Springer |
| Publication date | 2011 |
| Pages | 308-326 |
| ISBN (Print) | 978-3-642-25384-3 |
| DOIs | |
| Publication status | Published - 2011 |
| Event | 17th International Conference on the Theory and Application of Cryptology and Information Security, Seoul, Korea, Republic of, 4 Dec 2011 → 8 Dec 2011 (conference number: 17) |
Conference
| Conference | 17th International Conference on the Theory and Application of Cryptology and Information Security |
|---|---|
| Number | 17 |
| Country/Territory | Korea, Republic of |
| City | Seoul |
| Period | 04/12/2011 → 08/12/2011 |

| Series | Lecture Notes in Computer Science |
|---|---|
| Number | 7073 |
Keywords
- Preimage attack
- Parallel matching algorithm
- Meet-in-the-middle
- ARMADILLO2
- Key recovery attack