Paper 2022/1291

sMGM: parameterizable AEAD-mode

Liliya Akhmetzyanova, CryptoPro LLC
Evgeny Alekseev, CryptoPro LLC
Alexandra Babueva, CryptoPro LLC
Andrey Bozhko, CryptoPro LLC
Stanislav Smyshlyaev, CryptoPro LLC
Abstract

The paper introduces a new AEAD-mode called sMGM (strong Multilinear Galois Mode). The proposed construction can be treated as an extension of the Russian standardized MGM mode and its modification MGM2 mode presented at the CTCrypt'21 conference. The distinctive feature of the new mode is that it provides an interface allowing one to choose specific security properties required for a certain application case. Namely, the mode has additional parameters allowing to switch on/off misuse-resistance or re-keying mechanisms. The sMGM mode consists of two main "building blocks" that are a CTR-style gamma generation function with incorporated re-keying and a multilinear function that lies in the core of the original MGM mode. Different ways of using these functions lead to achieving different sets of security properties. Such an approach to constructing parameterizable AEAD-mode allows for reducing the code size which can be crucial for constrained devices. We provide security bounds for the proposed mode. We focus on proving the misuse-resistance of the sMGM mode, since the standard security properties were already analyzed during the development of the original MGM and MGM2 modes.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint.
Keywords
MGM MGM2 AEAD mode security notion security bounds nonce-misuse misuse-resistant SIV re-keying
Contact author(s)
lah @ cryptopro ru
alekseev @ cryptopro ru
babueva @ cryptopro ru
bozhko @ cryptopro ru
svs @ cryptopro ru
History
2022-09-29: approved
2022-09-28: received
See all versions
Short URL
https://ia.cr/2022/1291
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/1291,
      author = {Liliya Akhmetzyanova and Evgeny Alekseev and Alexandra Babueva and Andrey Bozhko and Stanislav Smyshlyaev},
      title = {{sMGM}: parameterizable {AEAD}-mode},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/1291},
      year = {2022},
      url = {https://eprint.iacr.org/2022/1291}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.