nach oben

Erschienen in:

2020 | OriginalPaper | Buchkapitel

Parallelizable Authenticated Encryption with Small State Size

verfasst von : Akiko Inoue, Kazuhiko Minematsu

Erschienen in: Selected Areas in Cryptography – SAC 2019

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Authenticated encryption (AE) is a symmetric-key encryption function that provides confidentiality and authenticity of a message. One of the evaluation criteria for AE is state size, which is memory size needed for encryption. State size is especially important when cryptosystem is implemented in constrained devices, while trivial reduction by using a small primitive is not generally acceptable as it leads to a degraded security.

In these days, the state size of AE has been very actively studied and a number of small-state AE schemes have been proposed, but they are inherently serial. It would be a natural question if we come up with a parallelizable AE with a smaller state size than the state-of-the-art.

In this paper, we study the seminal OCB mode for parallelizable AE and propose a method to reduce its state size without losing the bit security of it. More precisely, while (the most small-state variant of) OCB has 3n-bit state, by carefully treating the checksum that is halved, we can achieve 2.5n-bit state, while keeping the n/2-bit security as original. We also propose an inverse-free variant of it based on OTR. While the original OTR has 4n-bit state, ours has 3.5n-bit state. To our knowledge these numbers are the smallest ones achieved by the blockcipher modes for parallel AE and inverse-free parallel AE.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel A DFA Attack on White-Box Implementations of AES with External Encodings

Nächstes Kapitel Deep Neural Network Attribution Methods for Leakage Analysis and Symmetric Key Recovery

Nur mit Berechtigung zugänglich

https://cryptography.gmu.edu/athena.

Bost and Sanders [15] pointed a problem of the first version of OTR [31] regarding its instantiation of XE. Therefore we here refer OTR of the fixed versions [32].

The OCB Authenticated-Encryption Algorithm. IRTF RFC 7253 (2014)

NIST Lightweight Cryptography Standardization (2019). https://csrc.nist.gov/Projects/Lightweight-Cryptography

Andreeva, E., et al.: COLM v1. Submission to CAESAR competition (2015)

Andreeva, E., Bogdanov, A., Luykx, A., Mennink, B., Mouha, N., Yasuda, K.: How to securely release unverified plaintext in authenticated encryption. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 105–125. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45611-8_6CrossRefMATH

Andreeva, E., Bogdanov, A., Luykx, A., Mennink, B., Tischhauser, E., Yasuda, K.: Parallelizable and authenticated online ciphers. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8269, pp. 424–443. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-42033-7_22CrossRef

Andreeva, E., Bogdanov, A., Luykx, A., Mennink, B., Tischhauser, E., Yasuda, K.: AES-COPA vol 2. Submission to CAESAR competition (2015)

Aoki, K., Yasuda, K.: The security of the OCB mode of operation without the SPRP assumption. In: Susilo, W., Reyhanitabar, R. (eds.) ProvSec 2013. LNCS, vol. 8209, pp. 202–220. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-41227-1_12CrossRefMATH

Ashur, T., Dunkelman, O., Luykx, A.: Boosting authenticated encryption robustness with minimal modifications. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10403, pp. 3–33. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63697-9_1CrossRef

Bellare, M., Desai, A., Jokipii, E., Rogaway, P.: A concrete security treatment of symmetric encryption. In: FOCS, pp. 394–403. IEEE Computer Society (1997)

10.

Bellare, M., Goldreich, O., Mityagin, A.: The power of verification queries in message authentication and authenticated encryption. Cryptology ePrint Archive, Report 2004/309 (2004). https://eprint.iacr.org/2004/309

11.

Bellare, M., Namprempre, C.: Authenticated encryption: relations among notions and analysis of the generic composition paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 531–545. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-44448-3_41CrossRef

12.

Benadjila, R., Guo, J., Lomné, V., Peyrin, T.: Implementing lightweight block ciphers on x86 architectures. In: Lange, T., Lauter, K., Lisoněk, P. (eds.) SAC 2013. LNCS, vol. 8282, pp. 324–351. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43414-7_17CrossRef

13.

Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Duplexing the sponge: single-pass authenticated encryption and other applications. In: Miri, A., Vaudenay, S. (eds.) SAC 2011. LNCS, vol. 7118, pp. 320–337. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-28496-0_19CrossRef

14.

Bhaumik, R., Nandi, M.: Improved security for OCB3. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10625, pp. 638–666. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70697-9_22CrossRef

15.

Bost, R., Sanders, O.: Trick or tweak: on the (In)security of OTR’s tweaks. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10031, pp. 333–353. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53887-6_12CrossRefMATH

16.

Chakraborti, A., Iwata, T., Minematsu, K., Nandi, M.: Blockcipher-based authenticated encryption: how small can we go? In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 277–298. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66787-4_14CrossRef

17.

Datta, N., Nandi, M.: ELmE: a misuse resistant parallel authenticated encryption. In: Susilo, W., Mu, Y. (eds.) ACISP 2014. LNCS, vol. 8544, pp. 306–321. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-08344-5_20CrossRef

18.

Datta, N., Nandi, M.: ELMD v2.0. Submission to CAESAR competition (2015)

19.

Dworkin, M.: Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC. NIST-SP 800–38D (2007)

20.

Dworkin, M.: Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality. NIST-SP 800–38C (2007)

21.

Ferguson, N.: Collision attacks on OCB. Comments to NIST (2002)

22.

Granger, R., Jovanovic, P., Mennink, B., Neves, S.: Improved masking for tweakable blockciphers with applications to authenticated encryption. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 263–293. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49890-3_11CrossRef

23.

Inoue, A., Iwata, T., Minematsu, K., Poettering, B.: Cryptanalysis of OCB2: attacks on authenticity and confidentiality. Cryptology ePrint Archive, Report 2019/311 (2019). https://eprint.iacr.org/2019/311CrossRef

24.

Iwata, T., Kurosawa, K.: OMAC: one-key CBC MAC. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 129–153. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-39887-5_11CrossRef

25.

Iwata, T., Minematsu, K., Guo, J., Morioka, S.: CLOC: authenticated encryption for short input. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 149–167. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46706-0_8CrossRefMATH

26.

Iwata, T., Minematsu, K., Guo, J., Morioka, S., Kobayashi, E.: CLOC and SILC v3. Submission to the CAESAR competition (2016)

27.

Krovetz, T., Rogaway, P.: The software performance of authenticated-encryption modes. In: Fast Software Encryption - 18th International Workshop, FSE 2011, Lyngby, Denmark, 13–16 February 2011, Revised Selected Papers, pp. 306–327 (2011). https://doi.org/10.1007/978-3-642-21702-9_18CrossRef

28.

Liskov, M., Rivest, R.L., Wagner, D.: Tweakable block ciphers. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 31–46. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45708-9_3CrossRef

29.

Matsuda, S., Moriai, S.: Lightweight cryptography for the cloud: exploit the power of bitslice implementation. In: Prouff, E., Schaumont, P. (eds.) CHES 2012. LNCS, vol. 7428, pp. 408–425. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-33027-8_24CrossRef

30.

Minematsu, K.: Improved security analysis of XEX and LRW modes. In: Biham, E., Youssef, A.M. (eds.) SAC 2006. LNCS, vol. 4356, pp. 96–113. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74462-7_8CrossRef

31.

Minematsu, K.: Parallelizable rate-1 authenticated encryption from pseudorandom functions. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 275–292. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-55220-5_16CrossRef

32.

Minematsu, K.: AES-OTR v3. Submission to CAESAR competition (2016)

33.

Minematsu, K., Matsushima, T.: Generalization and extension of XEX\({}^{\text{*}}\) mode. IEICE Trans. 92-A(2), 517–524 (2009). http://search.ieice.org/bin/summary.php?id=e92-a_2_517&category=A&year=2009&lang=E&abst=

34.

Naito, Y.: Improved XKX-based AEAD scheme: removing the birthday terms. In: Lange, T., Dunkelman, O. (eds.) LATINCRYPT 2017. LNCS, vol. 11368, pp. 228–246. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-25283-0_13CrossRef

35.

Naito, Y.: Tweakable blockciphers for efficient authenticated encryptions with beyond the birthday-bound security. IACR Trans. Symmetric Cryptol. 2017(2), 1–26 (2017)

36.

Naito, Y., Matsui, M., Sugawara, T., Suzuki, D.: SAEB: a lightweight blockcipher-based AEAD mode of operation. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2018(2), 192–217 (2018). https://doi.org/10.13154/tches.v2018.i2.192-217

37.

Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.3. RFC 8446 (2018). https://doi.org/10.17487/RFC8446, https://rfc-editor.org/rfc/rfc8446.txt

38.

Rogaway, P.: Efficient instantiations of tweakable blockciphers and refinements to modes OCB and PMAC. In: Advances in Cryptology - ASIACRYPT 2004, 10th International Conference on the Theory and Application of Cryptology and Information Security, Jeju Island, Korea, 5–9 December 2004, pp. 16–31 (2004). https://doi.org/10.1007/978-3-540-30539-2_2CrossRef

39.

Rogaway, P., Bellare, M., Black, J., Krovetz, T.: OCB: a block-cipher mode of operation for efficient authenticated encryption. In: CCS 2001, Proceedings of the 8th ACM Conference on Computer and Communications Security, Philadelphia, Pennsylvania, USA, 6–8 November 2001, pp. 196–205 (2001). https://doi.org/10.1145/501983.502011

40.

T. Dierks, E.R.: The Transport Layer Security (TLS) Protocol Version 1.2. IETF, RFC 5246 (2008)

41.

Ueno, R., Homma, N., Iida, T., Minematsu, K.: High throughput/gate FN-based hardware architectures for AES-OTR. In: 2019 IEEE International Symposium on Circuits and Systems (ISCAS), pp. 1–4 (2019)

Titel: Parallelizable Authenticated Encryption with Small State Size
verfasst von: Akiko Inoue
Kazuhiko Minematsu
Verlag: Springer International Publishing
Buch: Selected Areas in Cryptography – SAC 2019
Print ISBN: 978-3-030-38470-8

Electronic ISBN: 978-3-030-38471-5

Copyright-Jahr: 2020
DOI: https://doi.org/10.1007/978-3-030-38471-5_25

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"