The stream cipher Rabbit was first presented at FSE 2003, and no attacks against it have been published until now. With a measured encryption/decryption speed of 3.7 clock cycles per byte on a Pentium III processor, Rabbit does also provide very high performance. Thus, the Rabbit design is currently submitted to the Ecrypt call for stream cipher…
Entity recognition does not ask whether the message is from some entity X, just whether a message is from the same entity as a previous message. This turns out to be very useful for low-end devices. The current paper proposes a new protocol – the "Jane Doe Protocol" –, and provides a formal proof of its concrete security. The protocol neither…
The stream cipher Rabbit was first presented at FSE 2003. In the paper at hand, a full security analysis of Rabbit is given, focusing on algebraic attacks, approximations and differential analysis. We determine the algebraic normal form of the main nonlinear parts of the cipher as part of a comprehensive algebraic analysis. In addition, both linear and…
At CHES 2010, the new block cipher PRINTcipher was presented as a lightweight encryption solution for printable circuits. The best attack to date is a differential attack that breaks less than half of the rounds. In this paper, we will present a new attack called invariant subspace attack that breaks the full cipher for a significant fraction of…
This is version 1.1 of the cipher specification as submitted to the eStream project. The only changes in comparison to version 1.0 are some additions to section 7 on computational efficiency and a new appendix A, which describes an 80-bit key setup.
In this paper, we describe a cache-timing attack against the stream cipher HC-256, which is the strong version of eStream winner HC-128. The attack is based on an abstract model of cache timing attacks that can also be used for designing stream ciphers. From the observations made in our analysis, we derive a number of design principles for hardening ciphers…
We present Badger, a new fast and provably secure MAC based on universal hashing. In the construction, a modified tree hash that is more efficient than standard tree hash is used and its security is being proven. Furthermore, in order to derive the core hash function of the tree, we use a novel technique for reducing ∆-universal function families to…