Paper 2013/772

Beyond Modes: Building a Secure Record Protocol from a Cryptographic Sponge Permutation

Markku-Juhani O. Saarinen

Abstract

BLINKER is a light-weight cryptographic suite and record protocol built from a single permutation. Its design is based on the Sponge construction used by the SHA-3 algorithm KECCAK. We examine the SpongeWrap authenticated encryption mode and expand its padding mechanism to offer explicit domain separation and enhanced security for our specific requirements: shared secret half-duplex keying, encryption, and a MAC-and-continue mode. We motivate these enhancements by showing that unlike legacy protocols, the resulting record protocol is secure against a two-channel synchronization attack while also having a significantly smaller implementation footprint. The design facilitates security proofs directly from a single cryptographic primitive (a single security assumption) rather than via idealization of multitude of algorithms, paddings and modes of operation. The protocol is also uniquely suitable for an autonomous or semi-autonomous hardware implementation of protocols where the secrets never leave the module, making it attractive for smart card and HSM designs.

Note: Accepted to Cryptographers' Track, RSA Conference USA 2014 (CT-RSA 2014), 25--28 February 2014, San Francisco, US.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Minor revision. CT-RSA 2014
Keywords
Lightweight SecuritySponge-based ProtocolsSponge ConstructionAutonomous Hardware EncryptionHalf-duplex securityBLINKER
Contact author(s)
mjos @ iki fi
History
2013-12-12: last of 4 revisions
2013-11-25: received
See all versions
Short URL
https://ia.cr/2013/772
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2013/772,
      author = {Markku-Juhani O.  Saarinen},
      title = {Beyond Modes: Building a Secure Record Protocol from a Cryptographic Sponge Permutation},
      howpublished = {Cryptology ePrint Archive, Paper 2013/772},
      year = {2013},
      note = {\url{https://eprint.iacr.org/2013/772}},
      url = {https://eprint.iacr.org/2013/772}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.