Paper 2022/1291
sMGM: parameterizable AEAD-mode
Abstract
The paper introduces a new AEAD-mode called sMGM (strong Multilinear Galois Mode). The proposed construction can be treated as an extension of the Russian standardized MGM mode and its modification MGM2 mode presented at the CTCrypt'21 conference. The distinctive feature of the new mode is that it provides an interface allowing one to choose specific security properties required for a certain application case. Namely, the mode has additional parameters allowing to switch on/off misuse-resistance or re-keying mechanisms. The sMGM mode consists of two main "building blocks" that are a CTR-style gamma generation function with incorporated re-keying and a multilinear function that lies in the core of the original MGM mode. Different ways of using these functions lead to achieving different sets of security properties. Such an approach to constructing parameterizable AEAD-mode allows for reducing the code size which can be crucial for constrained devices. We provide security bounds for the proposed mode. We focus on proving the misuse-resistance of the sMGM mode, since the standard security properties were already analyzed during the development of the original MGM and MGM2 modes.
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- Preprint.
- Keywords
- MGM MGM2 AEAD mode security notion security bounds nonce-misuse misuse-resistant SIV re-keying
- Contact author(s)
-
lah @ cryptopro ru
alekseev @ cryptopro ru
babueva @ cryptopro ru
bozhko @ cryptopro ru
svs @ cryptopro ru - History
- 2022-09-29: approved
- 2022-09-28: received
- See all versions
- Short URL
- https://ia.cr/2022/1291
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2022/1291, author = {Liliya Akhmetzyanova and Evgeny Alekseev and Alexandra Babueva and Andrey Bozhko and Stanislav Smyshlyaev}, title = {{sMGM}: parameterizable {AEAD}-mode}, howpublished = {Cryptology {ePrint} Archive, Paper 2022/1291}, year = {2022}, url = {https://eprint.iacr.org/2022/1291} }