International Association
for Cryptologic Research

In eSTREAM project a few lightweight stream cipher for hardware was introduced (2008) and then in FSE 2015 Sprout was proposed. Sprout introduced a new idea, design of stream cipher with shorter internal state by using key not only in initialization but also in keystream generation, but it was insecure. Fruit stream cipher is successor of Grain and Sprout stream ciphers that we show is secure and ultra-lightweight cipher. Internal state of Fruit is only 80 bits and also length of key and IV is 80 bits for 80-bit security. It is noticeable that internal state size is equal to amount of security while for resistance stream cipher against Time-Memory-Data trade-off attack, internal state should be at least twice of security level. For compensate of this we use some new ideas in design.