The stream cipher Rabbit was first presented at FSE 2003, and no attacks against it have been published until now. With a measured encryption/decryption speed of 3.7 clock cycles per byte on a Pentium III processor, Rabbit does also provide very high performance. Thus, the Rabbit design is currently submitted to the Ecrypt call for stream cipher…
Message authenticity (knowing "who sent this message") is an important security issue for sensor networks, and often difficult to solve. Sometimes, it may be sufficient and more efficient to solve the simpler entity recognition problem, instead: "is the message from the same entity that sent the previous messages?". This paper describes entity…
This is version 1.1 of the cipher specification as submitted to the eStream project. The only changes in comparison to version 1.0 are some additions to section 7 on computational efficiency and a new appendix A, which describes an 80-bit key setup.
Entity recognition does not ask whether the message is from some entity X, just whether a message is from the same entity as a previous message. This turns out to be very useful for low-end devices. The current paper proposes a new protocol – the "Jane Doe Protocol" –, and provides a formal proof of its concrete security. The protocol neither…
At CHES 2010, the new block cipher PRINTcipher was presented as a lightweight encryption solution for printable circuits. The best attack to date is a differential attack that breaks less than half of the rounds. In this paper, we will present a new attack called invariant subspace attack that breaks the full cipher for a significant fraction of…
In this paper, we describe a cache-timing attack against the stream cipher HC-256, which is the strong version of eStream winner HC-128. The attack is based on an abstract model of cache timing attacks that can also be used for designing stream ciphers. From the observations made in our analysis, we derive a number of design principles for hardening ciphers…
Cache timing attacks are a class of side-channel attacks that is applicable against certain software implementations. They have generated significant interest when demonstrated against the Advanced Encryption Standard (AES), but have more recently also been applied against other cryptographic primitives. In this paper, we give a cache timing cryptanalysis…
At CHES 2010, the new block cipher PRINTcipher was presented. In addition to using an xor round key as is common practice for round-based block ciphers, PRINTcipher also uses key-dependent permutations. While this seems to make differential cryptanalysis difficult due to the unknown bit permutations, we show in this paper that this is not the case. We…