Multipurpose Cryptographic Primitive ARMADILLO3

This paper describes a new design of the multipurpose cryptographic primitive ARMADILLO3 and analyses its security. The ARMADILLO3 family is oriented on small hardware such as smart cards and RFID chips. The original design ARMADILLO and its variants were analyzed by Sepehrdad et al. at CARDIS’11, the recommended variant ARMADILLO2 was analyzed by Plasencia et al. at FSE’12 and by Abdelraheem et al. at ASIACRYPT’11. The ARMADILLO3 design takes the original approach of combining a substitution and a permutation layer. The new family ARMADILLO3 introduces a reduced-size substitution layer with 3 × 3 and 4 × 4 S-boxes, which covers the substitution layer from 25% to 100% of state bits, depending on the security requirements. We propose an instance ARMADILLO3-A1/4 with a pair of permutations and S-boxes applied on 25% of state bits at each stage.