Cryptology ePrint Archive: Report 2013/772

Beyond Modes: Building a Secure Record Protocol from a Cryptographic Sponge Permutation

Markku-Juhani O. Saarinen

Abstract: BLINKER is a light-weight cryptographic suite and record protocol built from a single permutation. Its design is based on the Sponge construction used by the SHA-3 algorithm KECCAK. We examine the SpongeWrap authenticated encryption mode and expand its padding mechanism to offer explicit domain separation and enhanced security for our specific requirements: shared secret half-duplex keying, encryption, and a MAC-and-continue mode. We motivate these enhancements by showing that unlike legacy protocols, the resulting record protocol is secure against a two-channel synchronization attack while also having a significantly smaller implementation footprint. The design facilitates security proofs directly from a single cryptographic primitive (a single security assumption) rather than via idealization of multitude of algorithms, paddings and modes of operation. The protocol is also uniquely suitable for an autonomous or semi-autonomous hardware implementation of protocols where the secrets never leave the module, making it attractive for smart card and HSM designs.

Category / Keywords: secret-key cryptography / Lightweight Security, Sponge-based Protocols, Sponge Construction, Autonomous Hardware Encryption, Half-duplex security, BLINKER

Original Publication (with minor differences): CT-RSA 2014

Date: received 21 Nov 2013, last revised 12 Dec 2013

Contact author: mjos at iki fi

Available format(s): PDF | BibTeX Citation

Note: Accepted to Cryptographers' Track, RSA Conference USA 2014 (CT-RSA 2014), 25--28 February 2014, San Francisco, US.

Version: 20131212:174741 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]