International Association for Cryptologic Research

CryptoDB

LIZARD - A Lightweight Stream Cipher for Power-constrained Devices

Authors:
Matthias Hamann, University of Mannheim
Matthias Krause, University of Mannheim
Willi Meier, FH Nordwestschweiz
Download:
DOI: 10.13154/tosc.v2017.i1.45-79
URL: http://tosc.iacr.org/index.php/ToSC/article/view/584
Abstract: Time-memory-data (TMD) tradeoff attacks limit the security level of many classical stream ciphers (like E0, A5/1, Trivium, Grain) to $\frac{1}{2}n$, where $n$ denotes the inner state length of the underlying keystream generator. In this paper, we present Lizard, a lightweight stream cipher for power-constrained devices like passive RFID tags. Its hardware efficiency results from combining a Grain-like design with the FP(1)-mode, a recently suggested construction principle for the state initialization of stream ciphers, which offers provable $\frac{2}{3}n$-security against TMD tradeoff attacks aiming at key recovery. Lizard uses 120-bit keys, 64-bit IVs and has an inner state length of 121 bit. It is supposed to provide 80-bit security against key recovery attacks. Lizard allows to generate up to $2^{18}$ keystream bits per key/IV pair, which would be sufficient for many existing communication scenarios like Bluetooth, WLAN or HTTPS.
BibTeX
@article{tosc-2017-28096,
  title={LIZARD - A Lightweight Stream Cipher for Power-constrained Devices},
  journal={IACR Trans. Symmetric Cryptol.},
  publisher={Ruhr-Universität Bochum},
  volume={2017, Issue 1},
  pages={45-79},
  url={http://tosc.iacr.org/index.php/ToSC/article/view/584},
  doi={10.13154/tosc.v2017.i1.45-79},
  author={Matthias Hamann and Matthias Krause and Willi Meier},
  year=2017
}