Paper 2022/116

Rocca: An Efficient AES-based Encryption Scheme for Beyond 5G (Full version)

Kosei Sakamoto, University of Hyogo
Fukang Liu, University of Hyogo
Yuto Nakano, KDDI Research (Japan)
Shinsaku Kiyomoto, KDDI Research (Japan)
Takanori Isobe, University of Hyogo, National Institute of Information and Communications Technology

In this paper, we present an AES-based authenticated-encryption with associated-data scheme called Rocca, with the purpose to reach the requirements on the speed and security in 6G systems. To achieve ultrafast software implementations, the basic design strategy is to take full advantage of the AES-NI and SIMD instructions as that of the AEGIS family and Tiaoxin-346. Although Jean and Nikolić have generalized the way to construct efficient round functions using only one round of AES (aesenc) and 128-bit XOR operation and have found several efficient candidates, there still seems to exist potential to further improve it regarding speed and state size. In order to minimize the critical path of one round, we remove the case of applying both aesenc and XOR in a cascade way for one round. By introducing a cost-free block permutation in the round function, we are able to search for candidates in a larger space without sacrificing the performance. Consequently, we obtain more efficient constructions with a smaller state size than candidates by Jean and Nikolić. Based on the newly-discovered round function, we carefully design the corresponding AEAD scheme with 256-bit security by taking several reported attacks on the AEGIS family and Tiaxion-346 into account. Our AEAD scheme can reach 178 Gbps which is almost 5 times faster than the AEAD scheme of SNOW-V. Rocca is also much faster than other efficient schemes with 256-bit key length, e.g. AEGIS-256 and AES-256-GCM. As far as we know, Rocca is the first dedicated cryptographic algorithm targeting 6G systems, i.e., 256-bit key length and the speed of more than 100 Gbps.

Note: The key feedforward in the finalization has been removed due to the security issues.

Available format(s)
Secret-key cryptography
Publication info
A major revision of an IACR publication in TOSC 2021
AES-NIFast Software Implementation6GAEAD
Contact author(s)
k sakamoto0728 @ gmail com
liufukangs @ gmail com
yuto @ kddi-research jp
kiyomoto @ kddi-research jp
takanori isobe @ ai u-hyogo ac jp
2023-03-16: last of 4 revisions
2022-01-31: received
See all versions
Short URL
Creative Commons Attribution


      author = {Kosei Sakamoto and Fukang Liu and Yuto Nakano and Shinsaku Kiyomoto and Takanori Isobe},
      title = {Rocca: An Efficient AES-based Encryption Scheme for Beyond 5G (Full version)},
      howpublished = {Cryptology ePrint Archive, Paper 2022/116},
      year = {2022},
      doi = {10.46586/tosc.v2021.i2.1-30},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.