Hummingbird HB-2 is a lightweight encryption cipher designed to work in areas where encryption is desired but absent due to resource constraints. It is neither a block cipher nor a stream cipher, but rather a word cipher inspired by rotor-based encryption. The rotors are extremely large 2¹⁶ and stepped by a novel rotor stepping rule. The rotors are virtualized using a custom-built block cipher developed by Dr. Whitfield Diffie named WD16.

 

Substituting the rotor with a block cipher eliminates the need to randomly populate or shuffle a large table (an expensive process to do correctly). This is because a good block cipher does an excellent job of generating a pseudo-random permutation, which is, after all, the intended purpose of a rotor. This approach lends itself to an extremely small memory and hardware footprint since most of the required circuitry is encompassed in a single 16-bit block cipher.

 

Like stream ciphers, Hummingbird HB-2 has a state and requires a nonce in order to initialize the state. Unlike stream ciphers, Hummingbird HB-2 outputs ciphertext in 16 bits at a time. Also unlike stream ciphers, the plaintext greatly influences the state, which in turn facilitates the generation of a single-pass MAC. Having a state means that there must be a period. Tests on scaled-down models show that the state behaves just like a random permutation. As such, the expected period for any constant input would be 2^n-1. Short cycles are possible but unlikely. Since HB-2 has a 128-bit state, this means that the expected period is 2¹²⁷.

 

With stream ciphers, a repeat in the state destroys the security in both messages. What is unusual about these Hummingbird HB-2 designs is that a repeat in the state, which is very rare to begin with, hardly leaks any information. At most, all that can be observed are exact repetitions in the ciphertext where there have been exact repetitions in the plaintext. At any point where the plaintext diverges, it will cause the state to randomize, thereby causing the ciphertext to randomize relative to the sampled ciphertext. This indicates that HB-2 is resistant to nonce misuse.

 

Hummingbird HB-2 requires a 128-bit key and no key setup while the key schedule is trivial. It accepts a 64-bit nonce. The nonce may be predictable, such as a sequence number. Although each nonce should be unique, occasional nonce repeats leak very little information. Hummingbird HB-2 also provides a MAC in a single pass using a single key.  Some of its key features are:

 

 

In addition to security many applications require the protection of private data. Hummingbird HB-2 has two unique properties that address privacy. They are key agility and small block size. The cipher has the ability to swap keys very rapidly. In fact, it is devoid of any key setup! The small block size also allows users to quickly determine whether a given key is returning the expected response or not. This works exactly as in a challenge response protocol. Usually it only has to process 16 bits in order to rule out a key. If the response matches, which happens in 2^-16 cases, then Hummingbird HB-2 continues to interrogate the key until it knows conclusively whether the correct key was selected or not. This is called Fast Key Lookup and has since become a Revere product. It provides very fast linear search capabilities.

 

For more information on Hummingbird HB-2, please see http://www.reveresecurity.com/_pdfs/HB2 Cipher.pdf

 

 

Evolution of the Hummingbird HB-2 Cipher

 

Hummingbird HB-2 came about when the Department of Homeland Security provided funding to develop a cipher for small, resource-constrained devices. This had to be an error propagating cipher since legacy communications in the SCADA network, in particular Modbus over serial, needed to be secured. Due to the timing issue that signified a termination of communication it became apparent that a form of stream cipher was required. However, stream ciphers are extremely vulnerable to tampering, and the timing constraints do not allow for the message to be buffered up and authenticated in the traditional manner. This became a novel conflict which Revere co-founder Eric Smith had to consider when he eventually designed a hybrid cipher that is neither a block nor a stream cipher. Hence, Hummingbird HB-2 was created as a word cipher inspired by rotor-based encryption.

To make matters worse, rotor-based encryption is not an error-propagating cipher. Smith began to wonder if there was any way to step rotors dependent on the input so that altering the ciphertext causes the error to propagate. Indeed, this is possible, and Smith spent the next few months devising the exact feedback mechanism to allow for the longest period while fully assuring error propagation. Later, Smith turned his interest to another problem that had gotten a lot of attention in academia – securing passive RFID tags. At the time, Hummingbird HB-2’s scheme used 8-bit lookup tables (so-called genuine rotors). However, each 8-bit table required 256 bytes of memory. With four rotors, that is a total of 1K memory to encrypt and another to decrypt. This was not an option, since RFID tags rarely go beyond 16 bytes of memory.

Based on the insight that a rotor basically is nothing more than a permutation, it became possible to replace a genuine rotor with a virtual rotor, otherwise known as a block cipher. A 16-bit block cipher has an ideal size to keep gate count down. Smith spent considerable time looking for a suitable candidate and attempted to scale down various block ciphers such as RC-5, RC-6, TEA, XTEA, IDEA – with no success. These ciphers either required too many resources or too many rounds to have a rotor that was indistinguishable from a random rotor. It was not until Revere Security's Chef Cryptographer, Dr. Whitfield Diffie, came up with an extremely lightweight design, the WD16, which gave the idea of simulated rotors traction. Full cross dependence in the diffusion layer only requires two rounds. This turned out to be extremely efficient in both hardware and software especially on 8- and 16-bit processors. Thus, Hummingbird was born.