In Cybersecurity, Where Would You Find Dumbo, Jumbo and a Pink Elephant?

Well, you will find these names as part of the method of light-weight encryption method known as Elephant, and which is one of the final contenders for a NIST competition [here]. Whichever method wins the competition will probably become a standard on billions of devices.

Within Elephant [1] we have three different variations: Dumbo, Jumbo and Delirium (and which is a Belgian beer with a pink elephant logo).It was created by Tim Beyne, Yu Long Chen, Christoph Dobraunig, and Bart Mennink. Tim and Yu are from KU Leuven and imec-COSIC, Belgium, and Christoph and Bart from Radboud University, The Netherlands.

Overall, Elephant is an authenticated encryption scheme, based on a nonce-based encrypt-then-MAC construction. We can thus provide a nonce (also known as an initialization vector — IV) and which is the salt value for the cipher. This makes sure that the ciphertext will change when we are using the same key and the same plaintext. Along it supports Authenticated encryption with Associated Data (AEAD) and where we can provide additional data for the cipher. Unlike the nonce value, this additional data is not sent with the ciphertext or used within the encryption method but can be used to authenticate the ciphertext. An example might be to link a packet sequence number to the additional data so that the cipher could not be played-back for another sequence number.

Within lightweight crypto, we must optimize for memory storage, processing requirements, energy drain, and so on, along with keeping compatibility with a wide range of device, and for both a hardware and software implementation.

One of the strengths of Elephant is that it has a low footprint and can use a 160-bit permutation. This small value reduces the footprint of the method within memory. In order to speed the encryption process, the method can also be parallelized. There are three main methods:

  • Dumbo: Elephant-Spongent-π[160] — this method is well-matched to hardware and gives the baseline level of security. The 160 value relates to the bit size of the permutation that is operated on. Overall it gives 112-bit security levels.
  • Jumbo: Elephant-Spongent-π[176] —this is an improved method and achieves 127-bit security.
  • Delirium: Elephant-Keccak-f[200] — this is a more software-focused approach with reasonably good hardware performance, and with 127-bit security.

An outline of the C code is [here][1]:

A sample run is [here]:

And a running version:


[1] Elephant GitHub [here].

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. EU Citizen. Auld Reekie native. Old World Breaker. New World Creator.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store