Publication

Featured research published by Stefan Kölbl.


International Cryptology Conference (CRYPTO) | 2016

The SKINNY Family of Block Ciphers and Its Low-Latency Variant MANTIS

Christof Beierle; Jérémy Jean; Stefan Kölbl; Gregor Leander; Amir Moradi; Thomas Peyrin; Yu Sasaki; Pascal Sasdrich; Siang Meng Sim

We present a new tweakable block cipher family SKINNY, whose goal is to compete with the NSA's recent design SIMON in terms of hardware/software performance, while proving in addition much stronger security guarantees with regard to differential/linear attacks. In particular, unlike SIMON, we are able to provide strong bounds for all versions, and not only in the single-key model, but also in the related-key or related-tweak model. SKINNY has flexible block/key/tweak sizes and can also benefit from very efficient threshold implementations for side-channel protection. Regarding performance, it outperforms all known ciphers for ASIC round-based implementations, while still reaching an extremely small area for serial implementations and a very good efficiency for software and micro-controller implementations; SKINNY has the smallest total number of AND/OR/XOR gates used for the encryption process. Second, we present MANTIS, a dedicated variant of SKINNY for low-latency implementations, that constitutes a very efficient solution to the problem of designing a tweakable block cipher for memory encryption. MANTIS basically reuses well-understood, previously studied, known components. Yet, by putting those components together in a new fashion, we obtain a cipher competitive with PRINCE in latency and area, while being enhanced with a tweak input.


International Cryptology Conference (CRYPTO) | 2015

Observations on the SIMON Block Cipher Family

Stefan Kölbl; Gregor Leander; Tyge Tiessen

In this paper we analyse the general class of functions underlying the Simon block cipher. In particular, we derive efficiently computable and easily implementable expressions for the exact differential and linear behaviour of Simon-like round functions.


IACR Cryptology ePrint Archive | 2016

A Brief Comparison of Simon and Simeck

Stefan Kölbl; Arnab Roy

Simeck is a new lightweight block cipher design based on combining the design principles of the Simon and Speck block ciphers. While the design allows a smaller and more efficient hardware implementation, its security margins are not well understood. The lack of design rationale for its predecessors further leaves some uncertainty about the security of Simeck.
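The two abstracts above (Observations on the SIMON Block Cipher Family, and the Simon/Simeck comparison) both concern Simon-like round functions, whose only nonlinear part is the AND of two rotated copies of the input word. The Python below is an added example, not code from either paper or from this page: it implements the closed-form differential probability for that AND part as stated in the CRYPTO 2015 paper (the varibits/doublebits count), checks the formula against exhaustive enumeration over all 2^16 inputs, and lifts it to the full round. The rotation amounts used to demonstrate it, (a, b, c) = (1, 8, 2) for Simon32 and (5, 0, 1) for Simeck32, are taken from the respective cipher specifications and are not stated on this page; S^k denotes rotation left by k.

```python
from collections import Counter


def rotl(x: int, k: int, n: int) -> int:
    """Rotate the n-bit word x left by k positions; negative k rotates right."""
    k %= n
    mask = (1 << n) - 1
    return ((x << k) | (x >> (n - k))) & mask


def and_part(x: int, a: int, b: int, n: int) -> int:
    """Nonlinear part of a Simon-like round: S^a(x) & S^b(x)."""
    return rotl(x, a, n) & rotl(x, b, n)


def round_function(x: int, a: int, b: int, c: int, n: int) -> int:
    """Full Simon-like round function f(x) = (S^a(x) & S^b(x)) ^ S^c(x)."""
    return and_part(x, a, b, n) ^ rotl(x, c, n)


def dp_and_exhaustive(alpha: int, a: int, b: int, n: int) -> dict:
    """Probability of every output difference of the AND part for input
    difference alpha, by enumerating all 2^n inputs (feasible for n = 16)."""
    counts = Counter(and_part(x, a, b, n) ^ and_part(x ^ alpha, a, b, n)
                     for x in range(1 << n))
    return {beta: cnt / (1 << n) for beta, cnt in counts.items()}


def dp_and_formula(alpha: int, beta: int, a: int, b: int, n: int) -> float:
    """Closed-form differential probability of alpha -> beta through
    S^a(x) & S^b(x), as given in the CRYPTO 2015 paper.
    Assumes n even and gcd(n, a - b) = 1, which holds for Simon and Simeck."""
    full = (1 << n) - 1
    if alpha == full:
        # An all-ones input difference makes the AND affine in x: only
        # even-weight output differences occur, each with probability 2^-(n-1).
        return 2.0 ** -(n - 1) if bin(beta).count("1") % 2 == 0 else 0.0
    # varibits: output positions whose difference depends on some input bit.
    varibits = rotl(alpha, a, n) | rotl(alpha, b, n)
    # doublebits: positions j whose difference is the very same input bit as
    # the difference at position j - (a - b) mod n, so the two must be equal.
    doublebits = (rotl(alpha, b, n) & ~rotl(alpha, a, n)
                  & rotl(alpha, 2 * a - b, n) & full)
    if beta & ~varibits & full:
        return 0.0          # difference requested where no input bit can vary
    if (beta ^ rotl(beta, a - b, n)) & doublebits:
        return 0.0          # paired positions asked to differ
    return 2.0 ** -bin(varibits ^ doublebits).count("1")


def dp_round(alpha: int, beta: int, a: int, b: int, c: int, n: int) -> float:
    """Differential probability through the full round: the linear S^c term
    XORs S^c(alpha) onto the output difference deterministically."""
    return dp_and_formula(alpha, beta ^ rotl(alpha, c, n), a, b, n)


def formula_matches_exhaustive(alpha: int, a: int, b: int, n: int) -> bool:
    """True if the closed form agrees with enumeration for every beta."""
    table = dp_and_exhaustive(alpha, a, b, n)
    return all(abs(dp_and_formula(alpha, beta, a, b, n) - table.get(beta, 0.0)) < 1e-12
               for beta in range(1 << n))


if __name__ == "__main__":
    # Rotation amounts from the cipher specifications (assumption, not from this page).
    for name, (a, b, c) in {"Simon32": (1, 8, 2), "Simeck32": (5, 0, 1)}.items():
        alpha = 0x0001
        beta, prob = max(dp_and_exhaustive(alpha, a, b, 16).items(), key=lambda kv: kv[1])
        print(f"{name}: alpha=0x{alpha:04x} -> beta=0x{beta:04x} "
              f"enumerated {prob}, formula {dp_and_formula(alpha, beta, a, b, 16)}")
        print(f"{name}: formula matches enumeration for alpha=0x4001: "
              f"{formula_matches_exhaustive(0x4001, a, b, 16)}")
```

The exhaustive table is only practical for small word sizes; the value of the closed form is that it costs a handful of word operations for any n, which is what makes searching differential trails over many rounds tractable. Note that the AND is symmetric, so swapping a and b changes which end of each dependent pair is flagged in doublebits but not the resulting probability.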


Fast Software Encryption (FSE) | 2015

Security of the AES with a Secret S-Box

Tyge Tiessen; Lars R. Knudsen; Stefan Kölbl; Martin M. Lauridsen

How does the security of the AES change when the S-box is replaced by a secret S-box, about which the adversary has no knowledge? Would it be safe to reduce the number of encryption rounds?


IACR Cryptology ePrint Archive | 2016

Haraka v2 – Efficient Short-Input Hashing for Post-Quantum Applications

Stefan Kölbl; Martin M. Lauridsen; Florian Mendel; Christian Rechberger

Recently, many efficient cryptographic hash function design strategies have been explored, not least because of the SHA-3 competition. These designs are, almost exclusively, geared towards high performance on long inputs. However, various applications exist where the performance on short (fixed length) inputs matters more. Such hash functions are the bottleneck in hash-based signature schemes like SPHINCS or XMSS, which is currently under standardization. Secure functions specifically designed for such applications are scarce. We attend to this gap by proposing two short-input hash functions (or rather simply compression functions). By utilizing AES instructions on modern CPUs, our proposals are the fastest on such platforms, reaching throughputs below one cycle per hashed byte even for short inputs, while still having a very low latency of less than 60 cycles. Under the hood, this result comes with several innovations. First, we study whether the number of rounds for our hash functions can be reduced, if only second-preimage resistance (and not collision resistance) is required. The conclusion is: only a little. Second, since their inception, AES-like designs allow for supportive security arguments by means of counting and bounding the number of active S-boxes. However, this ignores powerful attack vectors using truncated differentials, including the powerful rebound attacks. We develop a general tool-based method to include arguments against attack vectors using truncated differentials.


Cryptographic Hardware and Embedded Systems (CHES) | 2017

Gimli : A Cross-Platform Permutation

Daniel J. Bernstein; Stefan Kölbl; Stefan Lucks; Pedro Maat C. Massolino; Florian Mendel; Kashif Nawaz; Tobias Schneider; Peter Schwabe; François-Xavier Standaert; Yosuke Todo; Benoît Viguier

This paper presents Gimli, a 384-bit permutation designed to achieve high security with high performance across a broad range of platforms, including 64-bit Intel/AMD server CPUs, 64-bit and 32-bit ARM smartphone CPUs, 32-bit ARM microcontrollers, 8-bit AVR microcontrollers, FPGAs, ASICs without side-channel protection, and ASICs with side-channel protection.


International Conference on Progress in Cryptology | 2015

State-Recovery Analysis of Spritz

Ralph Ankele; Stefan Kölbl; Christian Rechberger

RC4 suffered from a range of plaintext-recovery attacks using statistical biases, which use substantial, albeit close-to-practical, amounts of known keystream in applications such as TLS or WEP/WPA. Spritz was recently proposed at the rump session of CRYPTO 2014 as a slower redesign of RC4 by Rivest and Schuldt, aiming at reducing the statistical biases that lead to these attacks on RC4. Even more devastating than those plaintext-recovery attacks from large amounts of keystream would be state- or key-recovery attacks from small amounts of known keystream. For RC4, there is unsubstantiated evidence that they may exist; the situation for Spritz, however, is not clear, as resistance against such attacks was not a design goal. In this paper, we provide the first cryptanalytic results on Spritz and introduce three different state recovery algorithms. Our first algorithm recovers an internal state, requiring only a short segment of keystream, with an approximated complexity of 2^{1400}


International Conference on Progress in Cryptology | 2014

Practical Attacks on AES-like Cryptographic Hash Functions

Stefan Kölbl; Christian Rechberger


IACR Transactions on Symmetric Cryptology | 2018

ShiftRows Alternatives for AES-like Ciphers and Optimal Cell Permutations for Midori and Skinny

Gianira N. Alfarano; Christof Beierle; Takanori Isobe; Stefan Kölbl; Gregor Leander


IACR Cryptology ePrint Archive | 2018

Putting Wings on SPHINCS

Stefan Kölbl

Collaboration

Top Co-Authors

Christian Rechberger, Technical University of Denmark
Tyge Tiessen, Technical University of Denmark
Florian Mendel, Graz University of Technology
Lars R. Knudsen, Technical University of Denmark
Martin M. Lauridsen, Technical University of Denmark
Daniel J. Bernstein, University of Illinois at Chicago
Benoît Viguier, Radboud University Nijmegen
Peter Schwabe, Radboud University Nijmegen