LIZARD – A Lightweight Stream Cipher for Power-constrained Devices
Keywords:Stream Ciphers, Lightweight Cryptography, Time-Memory-Data Tradeoff Attacks, FP(1)-mode, Grain, RFID
Time-memory-data (TMD) tradeoff attacks limit the security level of many classical stream ciphers (like E0, A5/1, Trivium, Grain) to 1/2n, where n denotes the inner state length of the underlying keystream generator. In this paper, we present Lizard, a lightweight stream cipher for power-constrained devices like passive RFID tags. Its hardware efficiency results from combining a Grain-like design with the FP(1)-mode, a recently suggested construction principle for the state initialization of stream ciphers, which offers provable 2/3n-security against TMD tradeoff attacks aiming at key recovery. Lizard uses 120-bit keys, 64-bit IVs and has an inner state length of 121 bit. It is supposed to provide 80-bit security against key recovery attacks. Lizard allows to generate up to 218 keystream bits per key/IV pair, which would be sufficient for many existing communication scenarios like Bluetooth, WLAN or HTTPS.
How to Cite
Copyright (c) 2017 Matthias Hamann, Matthias Krause, Willi Meier
This work is licensed under a Creative Commons Attribution 4.0 International License.