Top

Published in:

2015 | OriginalPaper | Chapter

Evaluation and Cryptanalysis of the Pandaka Lightweight Cipher

Authors : Yuval Yarom, Gefei Li, Damith C. Ranasinghe

Published in: Applied Cryptography and Network Security

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

There is a growing need to develop lightweight cryptographic primitives suitable for resource-constrained devices permeating in increasing numbers into the fabric of life. Such devices are exemplified none more so than by batteryless radio frequency identification (RFID) tags in applications ranging from automatic identification and monitoring to anti-counterfeiting. Pandaka is a lightweight cipher together with a protocol proposed in INFOCOM 2014 for extremely resource limited RFID tags. It is designed to reduce the hardware cost (area of silicon) required for implementing the cipher by shifting the computationally intensive task of cryptographically secure random number generation to the reader. In this paper we evaluate Pandaka and demonstrate that the communication protocol contains flaws which completely undermine the security of the cipher and make Pandaka susceptible to de-synchronisation. Furthermore, we show that, even without the protocol flaws, we can use a guess and determine method to mount an attack on the cipher for the more challenging scenario of a known-plaintext attack with an expected complexity of only \(2^{55}\). We conclude that Pandaka needs to be amended and highlight simple measures to prevent the above attacks.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Time–Memory Trade-Off Attack on the GSM A5/1 Stream Cipher Using Commodity GPGPU

next chapter Cryptographic Enforcement of Information Flow Policies Without Public Information

Abadi, M., Feigenbaum, J., Kilian, J.: On hiding information from an oracle. In: Proceedings of the 19th Annual ACM Symposium on Theory of Computing, pp. 195–203, New York, NY, US (1987)

Abdelraheem, M.A., Borghoff, J., Zenner, E., David, M.: Cryptanalysis of the light-weight cipher A2U2. In: Chen, L. (ed.) IMACC 2011. LNCS, vol. 7089, pp. 375–390. Springer, Heidelberg (2011)CrossRef

Ahmadi, H., Eghlidos, T.: Heuristic guess-and-determine attacks on stream ciphers. IET Inf. Secur. 3(2), 66–73 (2009)CrossRef

Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L.: The SIMON and SPECK families of lightweight block ciphers. IACR Cryptology ePrint Archive 2013:404 (2013)

Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. J. Cryptology 4(1), 3–72 (1991)MathSciNetCrossRefMATH

Biham, E., Shamir, A.: Differential Cryptanalysis of the Data Encryption Standard. Springer, New York (1993)CrossRefMATH

Bogdanov, A., Rechberger, C.: A 3-subset meet-in-the-middle attack: cryptanalysis of the lightweight block cipher KTANTAN. In: Biryukov, A., Gong, G., Stinson, D.R. (eds.) SAC 2010. LNCS, vol. 6544, pp. 229–240. Springer, Heidelberg (2011)CrossRef

Chen, M., Chen, S., Xiao, Q.: Pandaka: a lightweight cipher for RFID systems. In: Proceedings of IEEE INFOCOM 2014, pp. 172–180, Toronto, Ontario, Canada, April 2014

Cole, P.H., Ranasinghe, D.C.: Networked RFID Systems and Lightweight Cryptography: Raising Barriers to Counterfeiting. Springer, London (2008). doi:10.1007/978-3-540-71641-9 CrossRef

10.

Cole, P.H., Turner, L.H., Hu, Z., Ranasinghe, D.C.: The next generation of RFID technology. In: Ranasinghe, D.C., Sheng, Q.Z., Zeadally, S. (eds.) Unique Radio Innovation for the 21st Century: Building Scalable and Global RFID Networks, pp. 3–23. Springer, Berlin (2011). ISBN 978-3-642-03461-9CrossRef

11.

David, M., Ranasinghe, D.C., Larsen, T.: A2U2: a stream cipher for printed electronics RFID tags. In: IEEE International Conference on RFID, pp. 176–183, Orlando, FL, US, April 2011

12.

De Cannière, C., Dunkelman, O., Knežević, M.: KATAN and KTANTAN — a family of small and efficient hardware-oriented block ciphers. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 272–288. Springer, Heidelberg (2009)CrossRef

13.

Engels, D., Saarinen, M.-J.O., Schweitzer, P., Smith, E.M.: The hummingbird-2 lightweight authenticated encryption algorithm. In: Juels, A., Paar, C. (eds.) RFIDSec 2011. LNCS, vol. 7055, pp. 19–31. Springer, Heidelberg (2012)

14.

Engels, D.W., Sarma, S.E.: The reader collision problem. In: 2002 IEEE International Conference on Systems, Man and Cybernetics, vol. 3, pp. 6–13. IEEE (2002)

15.

EPC™ Radio-Frequuency Identity Protocols Generation-2 UHF RFID Version 2.0.0 Ratified. EPCGLOBAL, November 2013

16.

Feng, X., Liu, J., Zhou, Z., Wu, C., Feng, D.: A byte-based guess and determine attack on SOSEMANUK. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 146–157. Springer, Heidelberg (2010)CrossRef

17.

Finkenzeller, K.: RFID Handbook. Wiley Online Library, Hoboken (2003)CrossRef

18.

Gong, Z., Nikova, S., Law, Y.W.: KLEIN: a new family of lightweight block ciphers. In: Juels, A., Paar, C. (eds.) RFIDSec 2011. LNCS, vol. 7055, pp. 1–18. Springer, Heidelberg (2012)

19.

Juels, A., Weis, S.A.: Authenticating pervasive devices with human protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293–308. Springer, Heidelberg (2005)CrossRef

20.

Karakoç, F., Demirci, H., Harmancı, A.E.: AKF: a key alternating Feistel scheme for lightweight cipher designs. Inf. Process. Lett. 115(2), 359–367 (2015)CrossRefMATH

21.

Kawamura, S., Shimbo, A.: Fast server-aided secret computation protocols for modular exponentiation. IEEE J. Sel. Areas Commun. 11(5), 778–784 (1993)CrossRef

22.

Knudsen, L., Leander, G., Poschmann, A., Robshaw, M.J.B.: PRINTcipher: a block cipher for IC-printing. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 16–32. Springer, Heidelberg (2010)CrossRef

23.

Luo, Y., Chai, Q., Gong, G., Lai, X.: A lightweight stream cipher WG-7 for RFID encryption and authentication. In: GLOBECOM 2010, pp. 1–6, Miami, FL, US, December 2010

24.

Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994)CrossRef

25.

Matsui, M., Yamagishi, A.: A new cryptanalytic method for FEAL cipher. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. E77(1), 2–7 (1994)

26.

Nyberg, K.: Linear approximation of block ciphers. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 439–444. Springer, Heidelberg (1995)CrossRef

27.

Pasalic, E.: On guess and determine cryptanalysis of LFSR-based stream ciphers. IEEE Trans. Inf. Theory 55(7), 3398–3406 (2009)MathSciNetCrossRef

28.

Peterson, W.W., Brown, D.T.: Cyclic codes for error detection. Proc. IRE 49(1), 228–235 (1961). doi:10.1109/JRPROC.1961.287814. ISSN 0096-8390MathSciNetCrossRef

29.

Ranasinghe, D.C., Engels, D.W., Cole, P.H.: Low cost RFID systems: confronting security and privacy. In: Paper Auto-ID Labs White Paper Journal, vol. 1 (2005)

30.

Sarma, S.E.: Towards the 5 cent tag. White Paper-MIT Auto-ID Center (2001)

31.

Shibutani, K., Isobe, T., Hiwatari, H., Mitsuda, A., Akishita, T., Shirai, T.: Piccolo: an ultra-lightweight blockcipher. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 342–357. Springer, Heidelberg (2011)CrossRef

32.

Wu, W., Zhang, L.: LBlock: a lightweight block cipher. In: Lopez, J., Tsudik, G. (eds.) ACNS 2011. LNCS, vol. 6715, pp. 327–344. Springer, Heidelberg (2011)CrossRef

Title: Evaluation and Cryptanalysis of the Pandaka Lightweight Cipher
Authors: Yuval Yarom
Gefei Li
Damith C. Ranasinghe
Publisher: Springer International Publishing
Book: Applied Cryptography and Network Security
Print ISBN: 978-3-319-28165-0

Electronic ISBN: 978-3-319-28166-7

Copyright Year: 2015
DOI: https://doi.org/10.1007/978-3-319-28166-7_18

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner