Abstract
ARMADILLO2 is the recommended variant of a multipurpose cryptographic primitive dedicated to hardware, which has been proposed by Badel et al. in [1]. In this paper, we describe a meet-in-the-middle technique relying on the parallel matching algorithm that allows us to invert the ARMADILLO2 function. This makes it possible to perform a key recovery attack when it is used as a FIL-MAC. A variant of this attack can also be applied to the stream cipher derived from the PRNG mode. Finally, we propose a (second) preimage attack when it is used as a hash function. We have validated our attacks by implementing the cryptanalysis on scaled variants. The experimental results match the theoretical complexities. In addition to these attacks, we present a generalization of the parallel matching algorithm, which can be applied in a broader context than attacking ARMADILLO2. © 2011 International Association for Cryptologic Research.
Abdelraheem, M. A., Blondeau, C., Naya-Plasencia, M., Videau, M., & Zenner, E. (2011). Cryptanalysis of ARMADILLO2. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7073 LNCS, pp. 308–326). https://doi.org/10.1007/978-3-642-25385-0_17