MICKEY


In cryptography, Mutual Irregular Clocking KEYstream generator is a stream cipher algorithm developed by Steve Babbage and Matthew Dodd. The cipher is designed to be used in hardware platforms with limited resources, and was one of the three ciphers accepted into Profile 2 of the eSTREAM portfolio. The algorithm is not patented and is free for any use.

Structure

The cipher maps an 80-bit key and a variable length initialization vector to a keystream with a maximum length of 240 bits.

Keystream Generation

The keystream generator makes use of two registers R and S.
The registers are updated in a non-linear manner using the control variables:
INPUT BIT R, INPUT BIT S, CONTROL BIT R, CONTROL BIT S. As referred to
earlier, any implementation of the cipher contains flip-flops for the R, S regis-
ters and the 4 control variables. Furthermore, there must be 7 flip-flops for the
counter register to keep track of the number of rounds in the Preclock stage.
The keystream production stage in MICKEY 2.0 is preceded by the three stages:- IV Loading, Key Loading
and Preclock. Initially the R, S registers are initialized to the all zero state.

Difference with Trivium

Unlike Trivium, MICKEY 2.0 does not allow direct loading of Key and IV bits on to the state register. As mentioned earlier, initially the R, S registers are initialized to the all zero state. Then a variable length IV and the 80 bit Key is used to update the state by successively executing CLOCK KG routine.

Protection in Scan Chain

MICKEY 2.0 can be protected by an XOR-CHAIN structure. The attacker has the following advantages:
To hide the mapping between the scan cells and the actual variables of a cipher is what drove
the previous single-feedback and Double-Feedback XOR-Chain schemes. As this is also falling prey
to cryptanalysis, as shown in the previous section, we move towards a further secure architecture,
named as random XOR-Chain structure.

Countermeasure for MICKEY

The Flipped-Scan countermeasure technique to protect scan-chains was proposed earlier.
This involved placing inverters at random points in the scan-chain. Security stemmed from the fact that an adversary could not guess the number
and positions of the inverters. This technique was cryptanalyzed using a
RESET attack. It was shown that if all flip-flops in the scan-chain are initially
RESET, then the positions of the inverters can be completely determined by the
0 → 1 and 1 → 0 transitions in the scanned-out vector. As an alternative, the
XOR-CHAIN based countermeasure was proposed. The technique involves
placing XOR gates at random points of the chain. Security again stems from the fact that an adversary is unable to guess the number and positions of the XOR gates.

Uses in DFT

Scan-based DFT is the most widely used DFT scheme for integrated circuit testing as it is simple and yields high fault coverage. The advantage of scan-based testing is that it provides full observability and controllability of the internal nodes of the IC.

Cryptanalysis

As of 2013, a differential fault attack has been reported against MICKEY 2.0 by Subhadeep Banik and Subhamoy Maitra.