Computer Science ›› 2023, Vol. 50 ›› Issue (9): 3-15. doi: 10.11896/jsjkx.230500190

• Data Security •

Survey of Lightweight Block Cipher

ZHONG Yue1, GU Jieming2,3, CAO Honglin1

  1 Institute of Evidence Law and Forensic Science, China University of Political Science and Law, Beijing 100088, China
  2 National Computer Network Emergency Response Technical Team/Coordination Center of China, Beijing 100029, China
  3 School of Cyberspace Science, Harbin Institute of Technology, Harbin 150001, China
  • Received: 2023-05-26 Revised: 2023-06-22 Online: 2023-09-15 Published: 2023-09-01
  • Corresponding author: ZHONG Yue (zhongyue@cupl.edu.cn)
  • About author: ZHONG Yue, born in 1993, Ph.D., lecturer. Her main research interests include artificial intelligence, data analytics and data security.
  • Supported by:
    Fundamental Research Funds for the Central Universities.

Abstract: With the rapid development of information technology, human beings are entering the era of ubiquitous connectivity, where billions of Internet of Things (IoT) devices are connected to the network. The continuous growth of network attacks targeting user privacy and the network environment has made it crucial to ensure the information security of IoT devices. Because IoT devices have limited computational capabilities, battery capacity, and memory resources, conventional block cipher algorithms are not suitable for IoT devices that require low latency and low power consumption, and lightweight block cipher algorithms have emerged to address these challenges. This paper provides an overview of the research status and progress of lightweight block cipher algorithms, and categorizes them into six types according to their structure. It comprehensively compares and analyzes the hardware and software implementations of lightweight block cipher algorithms based on multidimensional evaluation criteria. Furthermore, it explores the security, resource consumption, and performance aspects in depth. Finally, this paper discusses the future research directions of lightweight block cipher algorithms.

Key words: Lightweight block cipher, Internet of Things, Data security, Cipher algorithm, Privacy protection

CLC number: TP309