Paper 2021/737

GIFT-COFB is Tightly Birthday Secure with Encryption Queries

Akiko Inoue and Kazuhiko Minematsu


GIFT-COFB is a finalist of NIST Lightweight cryptography project that aims at standardizing authenticated encryption schemes for constrained devices. It is a block cipher-based scheme and comes with a provable security result. This paper studies the tightness of the provable security bounds of GIFT-COFB, which roughly tells that, if instantiated by a secure $n$-bit block cipher, we need $2^{n/2}$ encrypted blocks or $2^{n/2}/n$ decryption queries to break the scheme. This paper shows that the former condition is indeed tight, by presenting forgery attacks that work with $2^{n/2}$ encrypted blocks with single decryption query. This fills the missing spot of previous attacks presented by Khairallah, and confirms the tightness of the security bounds with respect to encryption. We remark that our attacks work independent of the underlying block cipher.

Available format(s)
Secret-key cryptography
Publication info
Preprint. Minor revision.
Authenticated encryptionmode of operationGIFT-COFBbirthday bound
Contact author(s)
a_inoue @ nec com
k-minematsu @ nec com
2021-06-03: received
Short URL
Creative Commons Attribution


      author = {Akiko Inoue and Kazuhiko Minematsu},
      title = {GIFT-COFB is Tightly Birthday Secure with Encryption Queries},
      howpublished = {Cryptology ePrint Archive, Paper 2021/737},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.