Abstract
Fruit-80, which emerged as an ultra-lightweight stream cipher with an 80-bit secret key, is oriented toward resource-constrained devices in the Internet of Things. In this article, we propose area and speed optimization architectures of Fruit-80 on FPGAs. Our implementations include both serial and parallel structures and optimize area, power, speed, and throughput, respectively. The area optimization architecture aims to achieve the most suitable ratio of look-up tables and flip-flops to fully utilize the reconfigurable unit. It also reuses NFSR and LFSR feedback functions to save resources for high throughput. The speed optimization architecture adopts a hybrid approach for parallelization and reduces the latency of long data paths by pre-generating primary feedback and inserting flip-flops. In addition, we recommend using the round key function to optimize serial or parallel implementations of Fruit-80 and using indexing and shifting methods for different throughput. In conclusion, our results show that the area optimization architecture occupies up to 35 slices on Xilinx Spartan-3 FPGA and 18 slices on Xilinx 7 series FPGA, smaller than that of Grain and other common stream ciphers. The optimal throughput/area ratio of the speed optimization architecture is 7.74 Mbps/slice, better than that of Grain v1, which is 5.98 Mbps/slice. The serial implementation of Fruit-80 with round key function occupies only 75 slices on Spartan-3 FPGA. To the best of our knowledge, the result sets a new record for the minimum area in lightweight cipher implementation on FPGA.
Hardware Optimizations of Fruit-80 Stream Cipher: Smaller than Grain