Paper 2020/435

WAGE: An Authenticated Encryption with a Twist

Riham AlTawy, Guang Gong, Kalikinkar Mandal, and Raghvendra Rohit

Abstract

This paper presents WAGE, a new lightweight sponge-based authenticated cipher whose underlying permutation is based on a 37-stage Galois NLFSR over $\mathbb{F}_{2^7}$. At its core, the round function of the permutation consists of the well-analyzed Welch-Gong permutation (WGP), a primitive feedback polynomial, a newly designed 7-bit SB sbox and partial word-wise XORs. The construction of the permutation is carried out such that the design of individual components is highly coupled with cryptanalysis and hardware efficiency. As such, we analyze the security of WAGE against differential, linear, algebraic and meet/miss-in-the-middle attacks. For 128-bit authenticated encryption security, WAGE achieves a throughput of 535 Mbps with a hardware area of 2540 GE in the ASIC ST Micro 90 nm standard cell library. Additionally, WAGE is designed with a twist where its underlying permutation can be efficiently turned into a pseudorandom bit generator based on the WG transformation (WG-PRBG) whose output bits have theoretically proved randomness properties.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. IACR ToSC-2020 (Transactions on Symmetric Cryptology - Special Issue on Designs for the NIST Lightweight Standardisation Process)
Keywords
Authenticated encryption, Pseudorandom bit generators, Welch-Gong permutation, Lightweight cryptography
Contact author(s)
raltawy @ uvic ca
kmandal @ uwaterloo ca
rsrohit @ uwaterloo ca
History
2020-04-15: received
Short URL
https://ia.cr/2020/435
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/435,
      author = {Riham AlTawy and Guang Gong and Kalikinkar Mandal and Raghvendra Rohit},
      title = {{WAGE}: An Authenticated Encryption with a Twist},
      howpublished = {Cryptology {ePrint} Archive, Paper 2020/435},
      year = {2020},
      url = {https://eprint.iacr.org/2020/435}
}