Cryptanalysis of ARMADILLO2
ARMADILLO2 is the recommended variant of a multi-purpose cryptographic primitive dedicated to hardware which has been proposed by Badel et al. in. In this paper the authors propose a meet-in-the-middle technique that allows them to invert the ARMADILLO2 function. Using this technique they are able to perform a key recovery attack on ARMADILLO2 in FIL-MAC application mode. A variant of this attack can also be applied when ARMADILLO2 is used as a stream cipher in the PRNG application mode. Finally they propose a (second) preimage attack on its hashing application mode. All the cryptanalysis presented in this paper can be applied for any arbitrary bitwise permutations 0 and 1 used in the internal permutation.