Paper 2017/697

On Internal Re-keying

Liliya R. Ahmetzyanova, Evgeny K. Alekseev, Igor B. Oshkin, and Stanislav V. Smyshlyaev

Abstract

In this paper we introduce a classification of existing re-keying-based approaches to increasing the security of block cipher operation modes. We introduce the concepts of external and internal re-keying, focusing on the latter. Whereas the external re-keying approach is widely used and provides a mechanism of key usage control at the level of message stream processing, the internal re-keying approach is the first known mechanism providing such control at the level of single message processing. These approaches can be applied completely independently. The internal re-keying approach was already applied to the CTR encryption mode and yielded the CTR-ACPKM mode. This mode is currently being standardized in ISO and in IETF/IRTF (CFRG). In the current paper we apply the internal re-keying approach to the well-known GCM authenticated encryption mode. The main results of this paper are a new internally re-keyed GCM-ACPKM mode and its security bounds. The proposed mode is also passing through the last formal standardization stages in IETF (CFRG). We estimate the security of the GCM-ACPKM mode with respect to standard security notions. We compare both the security and the performance of the GCM-ACPKM and GCM modes. The results show that modifying the GCM mode by integrating the ACPKM internal re-keying procedure increases security, significantly extending the lifetime of a key with a negligible loss in performance. We also show how the re-keying approaches could increase the security of TLS 1.3 cipher suites.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint.
Keywords
re-keying, block cipher modes, AEAD, GCM, provable security
Contact author(s)
lah @ cryptopro ru
History
2020-05-22: last of 2 revisions
2017-07-21: received
Short URL
https://ia.cr/2017/697
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2017/697,
      author = {Liliya R.  Ahmetzyanova and Evgeny K.  Alekseev and Igor B.  Oshkin and Stanislav V.  Smyshlyaev},
      title = {On Internal Re-keying},
      howpublished = {Cryptology ePrint Archive, Paper 2017/697},
      year = {2017},
      note = {\url{https://eprint.iacr.org/2017/697}},
      url = {https://eprint.iacr.org/2017/697}
}