## Cryptology ePrint Archive: Report 2017/649

Blockcipher-based Authenticated Encryption: How Small Can We Go?

Avik Chakraborti and Tetsu Iwata and Kazuhiko Minematsu and Mridul Nandi

Abstract: This paper presents a design of authenticated encryption (AE) focusing on minimizing the implementation size, i.e., hardware gates or working memory on software. The scheme is called COFB, for COmbined FeedBack. COFB uses an n-bit blockcipher as the underlying primitive, and relies on the use of a nonce for security. In addition to the state required for executing the underlying blockcipher, COFB needs only $n/2$ bits state as a mask. Till date, for all existing constructions in which masks have been applied, at least n bit masks have been used. Thus, we have shown the possibility of reducing the size of a mask without degrading the security level much. Moreover, it requires one blockcipher call to process one input block. We show COFB is provably secure up to $O(2^{n/2}/n)$ queries which is almost up to the standard birthday bound. We also present our hardware implementation results. Experimental implementation results suggest that our proposal has a good performance and the smallest footprint among all known blockcipher-based AE.

Category / Keywords: COFB, AES, authenticated encryption, blockcipher

Original Publication (in the same form): IACR-CHES-2017