## Cryptology ePrint Archive: Report 2019/339

Lightweight Authenticated Encryption Mode of Operation for Tweakable Block Ciphers

Yusuke Naito and Takeshi Sugawara

Abstract: Using a small block length is a common strategy in designing lightweight block ciphers. So far, many $64$-bit primitives have been proposed. However, if such a $64$-bit primitive is used in an authenticated encryption scheme with birthday-bound security, the scheme offers only $32$-bit plaintext complexity, which is within reach of a practical attack. To take advantage of a short block length without losing security, we propose a lightweight AEAD mode $\mathsf{FBAE}$ that achieves beyond-birthday-bound security. For this purpose, we extend the idea of $\mathsf{iCOFB}$, originally defined with a tweakable random function, to tweakable block ciphers. More specifically, we fix the tweak length, which was variable in $\mathsf{iCOFB}$, and further generalize the feedback function. Moreover, we improve its security bound. We evaluate the concrete hardware performance of $\mathsf{FBAE}$. $\mathsf{FBAE}$ benefits from the small block length and shows particularly good performance in threshold implementation.

Category / Keywords: secret-key cryptography / Authenticated encryption, beyond-birthday-bound security, tweakable block cipher, lightweight, threshold implementation

Date: received 29 Mar 2019, last revised 27 Jun 2019

Contact author: Naito Yusuke at ce MitsubishiElectric co jp

Available format(s): PDF | BibTeX Citation

Note: [11/4/2019] fix several typos and update the appendix; [5/6/2019] change the security notions and add comparisons between FBAE and Romulus; [28/6/2019] update Sec. 1.4.

Short URL: ia.cr/2019/339
