Paper 2019/339
Lightweight Authenticated Encryption Mode of Operation for Tweakable Block Ciphers
Yusuke Naito and Takeshi Sugawara
Abstract
Using a small block length is a common strategy in designing lightweight block ciphers, and many $64$-bit primitives have been proposed so far. However, if such a $64$-bit primitive is used in an authenticated encryption scheme with only birthday-bound security, the scheme offers only $32$-bit plaintext complexity, which is subject to a practical attack. To take advantage of a short block length without losing security, we propose a lightweight AEAD mode $\mathsf{FBAE}$ that achieves beyond-birthday-bound security. For this purpose, we extend the idea of $\mathsf{iCOFB}$, originally defined with a tweakable random function, to a tweakable block cipher. More specifically, we fix the tweak length, which was variable in $\mathsf{iCOFB}$, and further generalize the feedback function. Moreover, we improve its security bound. We evaluate the concrete hardware performance of $\mathsf{FBAE}$. $\mathsf{FBAE}$ benefits from the small block length and shows particularly good performance in threshold implementations.
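To make the birthday-bound figure in the abstract concrete, the following added example (it is not code from the paper and does not implement FBAE) computes the per-key data limit that a $2^{n/2}$ birthday bound implies for 64- and 128-bit block sizes, and checks the bound empirically at a scaled-down block size. It models the mode's internal $n$-bit values (chaining values or ciphertext blocks) as uniformly random $n$-bit strings, which is the standard heuristic behind the $2^{n/2}$ bound and is an assumption of this illustration only.

```python
"""Birthday-bound data limits for an n-bit block cipher used in a mode
with birthday-bound security, plus a scaled-down empirical check.

Added illustration, not code from the FBAE paper. The mode's internal
n-bit values are modelled as uniformly random n-bit strings (assumption
of this example); FBAE itself is not implemented here.
"""
import math
import random


def birthday_bound_blocks(n: int) -> int:
    """Number of n-bit blocks at which a birthday-bound proof stops giving
    a useful guarantee: about 2^(n/2). For n = 64 this is 2^32 blocks."""
    return 1 << (n // 2)


def birthday_bound_bytes(n: int) -> int:
    """The same limit expressed as bytes of plaintext processed under one key."""
    return birthday_bound_blocks(n) * (n // 8)


def collision_probability(n: int, q: int) -> float:
    """Probability that q uniformly random n-bit values contain at least one
    collision, using the standard estimate 1 - exp(-q(q-1) / 2^(n+1)).
    At q = 2^(n/2) this is already about 0.39, i.e. the bound is tight."""
    return 1.0 - math.exp(-q * (q - 1) / 2.0 ** (n + 1))


def blocks_until_first_collision(n: int, rng: random.Random) -> int:
    """Draw random n-bit values until one repeats and return how many were
    drawn. Scaled-down stand-in for 'how many blocks until two internal
    values of the mode collide'; for n = 64 this would take ~2^32 draws."""
    seen = set()
    count = 0
    while True:
        v = rng.getrandbits(n)
        count += 1
        if v in seen:
            return count
        seen.add(v)


def mean_first_collision(n: int, trials: int, seed: int = 1) -> float:
    """Average number of draws until the first collision over several
    seeded trials. Expected value is about sqrt(pi/2 * 2^n); for n = 16
    that is roughly 321 draws, i.e. on the order of 2^(n/2) = 256."""
    rng = random.Random(seed)
    total = sum(blocks_until_first_collision(n, rng) for _ in range(trials))
    return total / trials


if __name__ == "__main__":
    for n in (64, 128):
        blocks = birthday_bound_blocks(n)
        print(f"n={n}: birthday bound at 2^{n // 2} blocks "
              f"= {birthday_bound_bytes(n) / 2**30:.0f} GiB per key, "
              f"collision probability there = {collision_probability(n, blocks):.3f}")
    # Scaled-down empirical check: collisions at a 16-bit block size appear
    # after a few hundred random values, not after 2^16 of them.
    print(f"n=16: mean draws to first collision = {mean_first_collision(16, 200):.1f}")
```

The 64-bit line is the point the abstract is making: $2^{32}$ blocks of 8 bytes is $2^{35}$ bytes, or 32 GiB of data under a single key, which a long-lived connection or a busy device can reach. With a 128-bit block the same bound sits at $2^{68}$ bytes, which is why birthday-bound modes are acceptable for 128-bit ciphers but not for 64-bit ones, and why a beyond-birthday-bound mode is needed to use a 64-bit primitive safely.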
Note: [11/4/2019] fixed several typos and updated the appendix; [5/6/2019] changed the security notions and added comparisons between FBAE and Romulus; [28/6/2019] updated Sec. 1.4.
Metadata
- Category
- Secret-key cryptography
- Publication info
- Preprint. MINOR revision.
- Keywords
- Authenticated encryption, beyond-birthday-bound security, tweakable block cipher, lightweight, threshold implementation
- Contact author(s)
- Naito Yusuke @ ce MitsubishiElectric co jp
- History
- 2019-10-14: last of 5 revisions
- 2019-04-03: received
- Short URL
- https://ia.cr/2019/339
- License
- CC BY