Paper 2019/992
Duel of the Titans: The Romulus and Remus Families of Lightweight AEAD Algorithms
Tetsu Iwata, Mustafa Khairallah, Kazuhiko Minematsu, and Thomas Peyrin
Abstract
In this article, we propose two new families of very lightweight and efficient authenticated encryption with associated data (AEAD) modes, Romulus and Remus, that provide security beyond the birthday bound with respect to the block-length $n$. The former uses a tweakable block cipher (TBC) as internal primitive and can be proven secure in the standard model. The later uses a block cipher (BC) as internal primitive and can be proven secure in the ideal cipher model. Both our modes allow to switch very easily from nonce-respecting to nonce-misuse scenario. Previous constructions, such as ThetaCB, are quite computationally efficient, yet needing a large memory for implementation, which makes them unsuitable for platforms where lightweight cryptography should play a key role. Romulus and Remus break this barrier by introducing a new architecture evolved from a BC mode COFB. They achieve the best of what can be possible with TBC -- the optimal computational efficiency (rate-1 operation) and the minimum state size of a TBC mode (i.e., $(n+t)$-bit for $n$-bit block, $t$-bit tweak TBC), with almost equivalent provable security as ThetaCB. Actually, our comparisons show that both our designs present superior performances when compared to all other recent lightweight AEAD modes, being BC-based, TBC-based or sponge-based, in the nonce-respecting or nonce-misuse scenario. We eventually describe how to instantiate Romulus and Remus modes using the Skinny lightweight tweakable block cipher proposed at CRYPTO 2016, including the hardware implementation results.
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- A minor revision of an IACR publication in FSE 2020
- Keywords
- Authenticated encryptionlightweight cryptographytweakable block cipherprovable security
- Contact author(s)
-
tetsu iwata @ nagoya-u jp
mustafam001 @ e ntu edu sg
thomas peyrin @ ntu edu sg
k-minematsu @ nec com - History
- 2020-07-10: last of 4 revisions
- 2019-09-02: received
- See all versions
- Short URL
- https://ia.cr/2019/992
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2019/992, author = {Tetsu Iwata and Mustafa Khairallah and Kazuhiko Minematsu and Thomas Peyrin}, title = {Duel of the Titans: The Romulus and Remus Families of Lightweight {AEAD} Algorithms}, howpublished = {Cryptology {ePrint} Archive, Paper 2019/992}, year = {2019}, url = {https://eprint.iacr.org/2019/992} }