Abstract
In authenticated encryption schemes, there are two techniques for handling long ciphertexts while working within the constraints of a small buffer: releasing unverified plaintext (RUP) or producing intermediate tags (PIT). In this paper, in addition to these two techniques, we propose another way to handle a long ciphertext with a small buffer: store and release only one (or, more generally, only a few) intermediate state, without releasing or storing any part of the unverified plaintext and without generating any intermediate tag. We explain this generalized technique using our new construction sp-AELM, a sponge-based authenticated encryption scheme that provides support for limited-memory devices. We also prove its privacy and authenticity in the ideal permutation model, using the code-based game-playing framework. Furthermore, we present two more variants of sp-AELM that serve the same purpose and are more efficient than sp-AELM.
The ongoing CAESAR competition has 9 submissions that are based on the sponge construction. We apply our generalized technique of storing a single intermediate state to all of these submissions to determine their suitability for devices with limited memory. Our findings show that only ASCON and one of the PRIMATEs modes (namely GIBBON) satisfy the limited-memory constraint using this technique, while the remaining 8 schemes (namely Artemia, ICEPOLE, Ketje, Keyak, NORX, \(\Pi \)-cipher, STRIBOB and two of the PRIMATEs modes, APE and HANUMAN) are not directly suitable for this scenario.
© 2015 Springer International Publishing Switzerland
Agrawal, M., Chang, D., Sanadhya, S. (2015). sp-AELM: Sponge Based Authenticated Encryption Scheme for Memory Constrained Devices. In: Foo, E., Stebila, D. (eds.) Information Security and Privacy. ACISP 2015. Lecture Notes in Computer Science, vol. 9144. Springer, Cham. https://doi.org/10.1007/978-3-319-19962-7_26
DOI: https://doi.org/10.1007/978-3-319-19962-7_26
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-19961-0
Online ISBN: 978-3-319-19962-7