How to Protect DES Against Exhaustive Key Search
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
A Construction of a Cioher From a Single Pseudorandom Permutation
ASIACRYPT '91 Proceedings of the International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
Grain: a stream cipher for constrained environments
International Journal of Wireless and Mobile Computing
On the Classification of 4 Bit S-Boxes
WAIFI '07 Proceedings of the 1st international workshop on Arithmetic of Finite Fields
PRESENT: An Ultra-Lightweight Block Cipher
CHES '07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems
The Salsa20 Family of Stream Ciphers
New Stream Cipher Designs
New Stream Cipher Designs
Analytic Combinatorics
KATAN and KTANTAN -- A Family of Small and Efficient Hardware-Oriented Block Ciphers
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
Piccolo: an ultra-lightweight blockcipher
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
SEA: a scalable encryption algorithm for small embedded applications
CARDIS'06 Proceedings of the 7th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
HIGHT: a new block cipher suitable for low-resource device
CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
mCrypton – a lightweight block cipher for security of low-cost RFID tags and sensors
WISA'05 Proceedings of the 6th international conference on Information Security Applications
Very compact hardware implementations of the blockcipher CLEFIA
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
KLEIN: a new family of lightweight block ciphers
RFIDSec'11 Proceedings of the 7th international conference on RFID Security and Privacy
Minimalism in cryptography: the even-mansour scheme revisited
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
The 128-bit blockcipher CLEFIA
FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
Towards green cryptography: a comparison of lightweight ciphers from the energy viewpoint
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
Low-latency encryption: is "Lightweight = light + wait"?
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
On bruteforce-like cryptanalysis: new meet-in-the-middle attacks in symmetric cryptanalysis
ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology
Design space exploration of the lightweight stream cipher WG-8 for FPGAs and ASICs
Proceedings of the Workshop on Embedded Systems Security
FIDES: lightweight authenticated cipher with side-channel resistance for constrained hardware
CHES'13 Proceedings of the 15th international conference on Cryptographic Hardware and Embedded Systems
Block ciphers that are easier to mask: how far can we go?
CHES'13 Proceedings of the 15th international conference on Cryptographic Hardware and Embedded Systems
Hi-index | 0.00 |
This paper presents a block cipher that is optimized with respect to latency when implemented in hardware. Such ciphers are desirable for many future pervasive applications with real-time security needs. Our cipher, named PRINCE, allows encryption of data within one clock cycle with a very competitive chip area compared to known solutions. The fully unrolled fashion in which such algorithms need to be implemented calls for innovative design choices. The number of rounds must be moderate and rounds must have short delays in hardware. At the same time, the traditional need that a cipher has to be iterative with very similar round functions disappears, an observation that increases the design space for the algorithm. An important further requirement is that realizing decryption and encryption results in minimum additional costs. PRINCE is designed in such a way that the overhead for decryption on top of encryption is negligible. More precisely for our cipher it holds that decryption for one key corresponds to encryption with a related key. This property we refer to as α-reflection is of independent interest and we prove its soundness against generic attacks.