Paper 2022/1414
INT-RUP Security of SAEB and TinyJAMBU
Abstract
The INT-RUP security of an authenticated encryption (AE) scheme is a well-studied problem which deals with the integrity security of an AE scheme in the releasing unverified plaintext (RUP) setting. Popular INT-RUP secure constructions either require a large state (e.g. GCM-RUP, LOCUS, Oribatida) or employ a two-pass mode (e.g. MONDAE) that does not allow on-the-fly data processing. This motivates us to turn our attention to feedback-type AE constructions that allow a small-state implementation as well as on-the-fly computation capability. In CT-RSA 2016, Chakraborti et al. demonstrated a generic INT-RUP attack on rate-1 block cipher based feedback-type AE schemes. Their results inspire us to study feedback-type AE constructions at a reduced rate. In this paper, we consider two such recent designs, SAEB and TinyJAMBU, and we analyze their integrity security in the releasing unverified plaintext setting. We found an INT-RUP attack on SAEB with roughly 2^32 decryption queries. However, the concrete analysis shows that if we reduce its rate to 32 bits, SAEB achieves the desired INT-RUP security bound without any additional overhead. Moreover, we have also analyzed TinyJAMBU, one of the finalists of the NIST LwC, and found it to be INT-RUP secure. To the best of our knowledge, this is the first work reporting the INT-RUP security analysis of block cipher based single-state, single-pass, on-the-fly, inverse-free authenticated ciphers.
Metadata
- Category
- Secret-key cryptography
- Publication info
- Published elsewhere. Indocrypt 2022
- Contact author(s)
- nilanjan datta @ tcgcrest org
- avirocks dutta13 @ gmail com
- sghosh03 @ campus haifa ac il
- History
- 2022-10-24: approved
- 2022-10-18: received
- Short URL
- https://ia.cr/2022/1414
- License
- CC0
BibTeX
@misc{cryptoeprint:2022/1414,
  author = {Nilanjan Datta and Avijit Dutta and Shibam Ghosh},
  title = {{INT}-{RUP} Security of {SAEB} and {TinyJAMBU}},
  howpublished = {Cryptology {ePrint} Archive, Paper 2022/1414},
  year = {2022},
  url = {https://eprint.iacr.org/2022/1414}
}