RoadRunneR: A Small and Fast Bitslice Block Cipher for Low Cost 8-Bit Processors

Creative Commons License

Baysal A., ŞAHİN S.

4th International Workshop on Lightweight Cryptography for Security and Privacy (LightSec), Bochum, Germany, 10 - 11 September 2015, vol.9542, pp.58-76 identifier identifier

  • Publication Type: Conference Paper / Full Text
  • Volume: 9542
  • Doi Number: 10.1007/978-3-319-29078-2_4
  • City: Bochum
  • Country: Germany
  • Page Numbers: pp.58-76
  • Keywords: Lightweight, Cryptography, Block cipher, Bitslice, 8-bit CPU, Wireless sensor network, ATtiny45, THE-MIDDLE ATTACK, CRYPTANALYSIS
  • Kocaeli University Affiliated: Yes


Designing block ciphers targeting resource constrained 8-bit CPUs is a challenging problem. There are many recent lightweight ciphers designed for better performance in hardware. On the other hand, most software efficient lightweight ciphers either lack a security proof or have a low security margin. To fill the gap, we present RoadRunneR which is an efficient block cipher in 8-bit software, and its security is provable against differential and linear attacks. RoadRunneR has lowest code size in Atmel's ATtiny45, except NSA's design SPECK, which has no security proof. Moreover, we propose a new metric for the fair comparison of block ciphers. This metric, called ST/A, is the first metric to use key length as a parameter to rank ciphers of different key length in a fair way. By using ST/A and other metrics in the literature, we show that RoadRunneR is competitive among existing ciphers on ATtiny45.