“MICKEY”的意思、由来-开放百科全书

In cryptography, Mutual Irregular Clocking KEYstream generator (MICKEY) is a stream cipher algorithm developed by Steve Babbage and Matthew Dodd.^[1] The cipher is designed to be used in hardware platforms with limited resources, and was one of the three ciphers accepted into Profile 2 of the eSTREAM portfolio. The algorithm is not patented and is free for any use.^[2]

Structure

The cipher maps an 80-bit key and a variable length initialization vector (0 to 80 bits) to a keystream with a maximum length of 2⁴⁰ bits.

Keystream Generation

earlier, any implementation of the cipher contains flip-flops for the R, S regis-

ters and the 4 control variables. Furthermore, there must be 7 flip-flops for the

The keystream production stage in MICKEY 2.0 is preceded by the three stages:- IV Loading, Key Loading

and Preclock. Initially the R, S registers are initialized to the all zero state.

Difference with Trivium

Unlike Trivium, MICKEY 2.0 ^[3] does not allow direct loading of Key and IV bits on to the state register. As mentioned earlier, initially the R, S registers are initialized to the all zero state. Then a variable length IV and the 80 bit Key is used to update the state by successively executing CLOCK KG routine.

Protection in Scan Chain

MICKEY 2.0 can be protected by an XOR-CHAIN structure. The attacker has the following advantages:

To hide the mapping between the scan cells and the actual variables of a cipher is what drove

the previous single-feedback and Double-Feedback XOR-Chain schemes. As this is also falling prey

to cryptanalysis, as shown in the previous section, we move towards a further secure architecture,

Countermeasure for MICKEY

The Flipped-Scan countermeasure technique to protect scan-chains was proposed earlier.

This involved placing inverters at random points in the scan-chain. Security stemmed from the fact that an adversary could not guess the number

RESET attack. It was shown that if all flip-flops in the scan-chain are initially

0 → 1 and 1 → 0 transitions in the scanned-out vector. As an alternative, the

placing XOR gates at random points of the chain.^[4] Security again stems from the fact that an adversary is unable to guess the number and positions of the XOR gates.

Uses in DFT

Scan-based DFT is the most widely used DFT scheme for integrated circuit testing as it is simple and yields high fault coverage. The advantage of scan-based testing is that it provides full observability and controllability of the internal nodes of the IC.

Cryptanalysis

As of 2013, a differential fault attack has been reported against MICKEY 2.0 by Subhadeep Banik and Subhamoy Maitra.^[5]

References

1. ^{{cite web|url=http://www.ecrypt.eu.org/stream/mickeypf.html|title=MICKEY (Portfolio Profile 2)|accessdate=5 October 2011}}
2. ^{{cite web|url=http://www.ecrypt.eu.org/stream/finalip.html#mickey|title=eSTREAM Portfolio Stream Ciphers -- IP Status|accessdate=5 October 2011}}
3. ^{{cite book| author = S.Banik| title = Improved Scan-chain based attacks| volume = 8250| year= 2013| publisher= Springer| page = 78| quote = Mickey| doi = 10.1007/978-3-319-03515-4_6| chapter = Improved Scan-Chain Based Attacks and Related Countermeasures| series = Lecture Notes in Computer Science| isbn = 978-3-319-03514-7}}
4. ^{{cite web|url=http://www.ecrypt.eu.org/stvl/sasc2008/|title=Side Channel Attacks|author1=B. Gierlichs |author2=L. Batina |author3=C. Clavier |author4=T. Eisenbarth |author5=A. Gouget |author6=H. Handschuh |year=2008}}
5. ^{{cite journal|url=http://eprint.iacr.org/2013/029|title=A Differential Fault Attack on MICKEY 2.0|year=2013|last1=Banik|first1=Subhadeep|last2=Maitra|first2=Subhamoy|last3=Sarkar|first3=Santanu}}