
Authenticated encryption

About: Authenticated encryption is a research topic. Over the lifetime, 1328 publications have been published within this topic receiving 25968 citations. The topic is also known as: AEAD & Authenticated Encryption with Associated Data.


Papers
Posted Content
27 Oct 2020
TL;DR: In this article, the authors proposed a cyber-physical authentication strategy to protect power system infrastructure against false data injection (FDI) attacks, which is based on the MULTOS Trust-Anchor chip using an authenticated encryption protocol.
Abstract: This paper outlines a cyber-physical authentication strategy to protect power system infrastructure against false data injection (FDI) attacks. We demonstrate that it is feasible to use small, low-cost, yet highly attack-resistant security chips as measurement nodes, enhanced with an event-triggered moving target defence (MTD), to offer effective cyber-physical security. At the cyber layer, the proposed solution is based on the MULTOS Trust-Anchor chip, using an authenticated encryption protocol, offering cryptographically protected and chained reports at up to 12/s. The availability of the trust-anchors allows the grid controller to delegate aspects of passive anomaly detection, supporting local as well as central alarms. In this context, a distributed event-triggered MTD protocol is implemented at the physical layer to complement the cyber side enhancement. This protocol applies a distributed anomaly detection scheme based on Holt-Winters seasonal forecasting in combination with MTD implemented via inductance perturbation. The scheme is shown to be effective at preventing or detecting a wide range of attacks against the power system measurement system.

6 citations

Journal ArticleDOI
TL;DR: Known single-key attacks on LBlock and LBlock-s are improved by one round after Eskandari et al. presented a 17-round integral distinguisher of LBlock with bit-based division property using SAT solver.
Abstract: LBlock is a lightweight block cipher with Feistel-SP structure proposed by Wu and Zhang in Applied Cryptography and Network Security 2011, and a modified version LBlock-s is used later in the design of the lightweight authenticated encryption cipher LAC, one of the CAESAR candidates. The best known integral attack on LBlock is presented by Zhang and Wu which can attack 23-round LBlock based on a 16-round integral distinguisher found with division property. In Selected Areas in Cryptography 2018, Eskandari et al. further presented a 17-round integral distinguisher of LBlock with bit-based division property using SAT solver. Using their method, the authors further find some new 17-round integral distinguishers of LBlock and use one of them to present a 24-round integral attack on LBlock. Similarly, they also find some 17-round integral distinguishers of LBlock-s and select one to present a 24-round integral attack on LBlock-s. In this way, they have improved known single-key attacks on LBlock and LBlock-s by one round.

6 citations

Journal ArticleDOI
TL;DR: With careful optimization, Gimli can be efficiently implemented in desktop and embedded GPU to achieve extremely high throughput, and this paper shows that the proposed Gimli implementation can achieve 661.44 KB/s (encryption), 892.24 KB/s (decryption), and 4344.46 KB/s (hashing) in state-of-the-art GPUs.
Abstract: Recently, the National Institute of Standards and Technology (NIST) in the U.S. initiated a global-scale competition to standardize lightweight authenticated encryption with associated data (AEAD) and hash functions. Gimli is one of the Round 2 candidates that is designed to be efficiently implemented across various platforms, including hardware (VLSI and FPGA), microprocessors, and microcontrollers. However, the performance of Gimli in massively parallel architectures like Graphics Processing Units (GPU) is still unknown. A high-performance Gimli implementation on GPU can be especially useful to Internet of Things (IoT) applications, wherein the gateway devices and cloud servers need to handle a massive number of communications protected by AEAD. In this paper, we show that with careful optimization, Gimli can be efficiently implemented in desktop and embedded GPU to achieve extremely high throughput. Our experiments show that the proposed Gimli implementation can achieve 661.44 KB/s (encryption), 892.24 KB/s (decryption), and 4344.46 KB/s (hashing) in state-of-the-art GPUs.

6 citations

Posted Content
TL;DR: In this paper, the authors proposed an augmented secure channel (ASC) that allows a sender to send a receiver message consisting of two parts, where one is privacy-protected and both are authenticity-protected.
Abstract: Motivated by the wide adoption of authenticated encryption and TLS, we suggest a basic channel abstraction, an augmented secure channel (ASC), that allows a sender to send a receiver messages consisting of two parts, where one is privacy-protected and both are authenticity-protected. Working in the tradition of constructive cryptography, we formalize this idea and provide a construction of this kind of channel using the lower-level tool authenticated encryption. We look at recent proposals on TLS 1.3 and suggest that the criterion by which their security can be judged is quite simple: do they construct an ASC? Due to this precisely defined goal, we are able to give a natural construction that comes with a rigorous security proof and directly leads to a proposal on TLS 1.3 that is provably secure.

6 citations

Journal ArticleDOI
TL;DR: A strong symmetry preservation property of the underlying sponge permutation is exhibited and it is shown that this property can be turned into an attack on the full primitive of NORX v2.0, and the former long-message forgery attack can be extended in both versions to a state-recovery attack.
Abstract: NORX is an authenticated encryption scheme with associated data that was selected, along with 14 other primitives, for the third phase of the ongoing CAESAR competition. It is based on the sponge construction and relies on a simple permutation that allows efficient and versatile implementations. Thanks to research on the security of the sponge construction, the design of NORX, whose permutation is inspired by the permutations used in BLAKE and ChaCha, has evolved throughout three main versions (v1.0, v2.0 and v3.0). The main result of this paper is a cryptanalysis of the full NORX v2.0, which successfully passed, in 2016, the second round of the CAESAR competition. We exhibit a strong symmetry preservation property of the underlying sponge permutation and show that this property can be turned into an attack on the full primitive. This attack yields a ciphertext-only forgery with time and data complexity $2^{66}$ (resp. $2^{130}$) for the variant of NORX v2.0 using 128-bit (resp. 256-bit) keys and breaks the designers' claim of 128-bit (resp. 256-bit) security. We further show that this forgery attack can be extended to a key-recovery attack on the full NORX v2.0 with the same time and data complexities. We have implemented and experimentally verified the correctness of the attacks on a toy version of NORX v2.0. We also investigate the security of NORX v3.0, a tweaked version of NORX v2.0 introduced at the beginning of the third round of the CAESAR competition. The introduction in NORX v3.0 of an extra initial and final key addition thwarts the former forgery and key-recovery attacks. We exhibit, however, a long-message forgery attack on both NORX v2.0 and NORX v3.0 that, given the ciphertext of a $2^m$-block message, allows one to forge another $2^m$-block ciphertext with a success probability of about $2^{m-128}$ (resp. $2^{m-256}$) instead of $2^{-128}$ (resp. $2^{-256}$) as one would ideally expect. We further show that since the symmetry preservation of the NORX v2.0 permutation persists in NORX v3.0, the former long-message forgery attack can be extended in both versions to a state-recovery attack. This high-complexity attack does not threaten the practical security of NORX v3.0, but shows that the security loss once a successful forgery has been issued is larger than one would expect.

6 citations


Network Information
Related Topics (5)
- Public-key cryptography: 27.2K papers, 547.7K citations, 90% related
- Cryptography: 37.3K papers, 854.5K citations, 89% related
- Encryption: 98.3K papers, 1.4M citations, 86% related
- Hash function: 31.5K papers, 538.5K citations, 84% related
- Authentication: 74.7K papers, 867.1K citations, 83% related
Performance Metrics
No. of papers in the topic in previous years

Year    Papers
2023    19
2022    52
2021    67
2020    109
2019    111
2018    97