Paper 2020/1082

Beyond Birthday Bound Secure Fresh Rekeying: Application to Authenticated Encryption

Bart Mennink

Abstract

Fresh rekeying is a well-established method to protect a primitive or mode against side-channel attacks: an easy to protect but cryptographically not so involved function generates a subkey from the master key, and this subkey is then used for the block encryption of a single or a few messages. It is an efficient way to achieve side-channel protection, but current solutions only achieve birthday bound security in the block size of the cipher and thus halve its security (except if more involved primitives are employed). We present generalized solutions to parallel block cipher rekeying that, for the first time, achieve security beyond the birthday bound in the block size $n$. The first solution involves, next to the subkey generation, one multiplication and the core block cipher call and achieves $2^{2n/3}$ security. The second solution makes two block cipher calls, and achieves optimal $2^n$ security. Our third solution uses a slightly larger subkey generation function but requires no adaptations to the core encryption and also achieves optimal security. The construction seamlessly generalizes to permutation based fresh rekeying. Central to our schemes is the observation that fresh rekeying and generic tweakable block cipher design are two very related topics, and we can take lessons from the advanced results in the latter to improve our understanding and development of the former. We subsequently use these rekeying schemes in a constructive manner to deliver three authenticated encryption modes that achieve beyond birthday bound security and are easy to protect against side-channel attacks.

Metadata
Available format(s): PDF
Category: Secret-key cryptography
Publication info: A major revision of an IACR publication in ASIACRYPT 2020
Keywords: fresh rekeying, block cipher, generalization, beyond birthday bound, optimal
Contact author(s): b mennink @ cs ru nl
History: 2020-09-09: received
Short URL: https://ia.cr/2020/1082
License: Creative Commons Attribution (CC BY)

BibTeX

@misc{cryptoeprint:2020/1082,
      author = {Bart Mennink},
      title = {Beyond Birthday Bound Secure Fresh Rekeying: Application to Authenticated Encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2020/1082},
      year = {2020},
      note = {\url{https://eprint.iacr.org/2020/1082}},
      url = {https://eprint.iacr.org/2020/1082}
}