Authenticated encryption

About: Authenticated encryption is a research topic. Over the lifetime, 1328 publications have been published within this topic receiving 25968 citations. The topic is also known as: AEAD & Authenticated Encryption with Associated Data.

Reusable Data-Path Architecture for Encryption-then-Authentication on FPGA

Abstract: This paper proposes reusable data-path architecture for lightweight cryptography algorithms, reusing some similar hardware components for both encryption and authentication. In addition to efforts by many researches to optimize hardware architectures, to reduce hardware resources, our proposal is to reuse identical functional blocks within crypto-algorithms targeting for more secure cryptography like Message Authentication Code (MAC), authenticated encryption such as Encrypt-then-MAC (EtM) on Field Programmable Gate Arrays (FPGA). For this proposed reusable data-path, we have chosen LED algorithm for encryption and then PHOTON to generate the MAC code. Instead of creating two different circuits, one for PHOTON and another for LED, our proposal’s is to reuse some of identical block functions repeatedly, therefore reduce the size of required circuit area. Reuse of resources or identical functions however require controllers that enable sharing of data path that can also has different “rounds” of transforms required for different modes either PHOTON or LED in this case, in addition to controllers for individual algorithm. Also to enable comparable computation speed, the data-path has to be further refined, an improvement needed at least on par or better than the current techniques. For PHOTON data-path, we have improved performance of Mix-Columns, focusing on lengthy clock cycle of Galois polynomial multiplication. The results show that this proposed EtM hardware architecture achieves significant improvements, up to 587 MHz, 1336 Mbps and 3.2 Mbps/slices, for maximum frequency, throughput and efficiency, respectively.

Secured lossless data compression using encrypted headers

Abstract: Various embodiments are generally directed to providing a unified data compression-encryption. In particular, compressed data blocks are secured by encrypting the metadata of the compressed data blocks without the need for encrypting the entire compressed data payload. Selected portions of the payload may be encrypted as desired and identified by using tags that indicate beginning and end of encryption boundaries. In addition, authenticated encryption enables integrity checking at the end of decryption-decompression procedure.

Protecting parallel multiplication operations from external monitoring attacks

Abstract: Systems and methods for protecting from external monitoring attacks cryptographic data processing operations involving universal polynomial hash functions computation. An example method may comprise: receiving an input data block and an iteration result value; performing a first field multiplication operation to produce a new iteration result value, by iteratively processing, starting from a first bit position, bits of a combination of the input data block and the iteration result value, wherein the first bit position is represented by one of: a least-significant bit and a most-significant bit; performing a second field multiplication operation to produce a new mask correction value, by iteratively processing operand bits starting from a second bit position, wherein the second bit position is represented by one of: a least-significant bit and a most-significant bit, and wherein the second bit position is different from the first bit position; applying the new mask correction value to the new iteration result value; and producing, based on the new iteration result value, a value of a cryptographic hash function to be utilized by at least one of: an authenticated encryption operation or an authenticated decryption operation.

Identity-based authenticated encryption with identity confidentiality

Abstract: After two decades of research on signcryption, recently a new cryptographic primitive, named higncryption, was proposed at ACM CCS'16. Higncryption can be viewed as privacy-enhanced signcryption, which integrates public key encryption, digital signature and identity concealment (which is not achieved in signcryption) into a monolithic primitive. Here, identity concealment means that the transcript of protocol runs should not leak participants' identity information. In this work, we propose the first identity-based higncryption ( IBHigncryption , for short). We present the formal security model for IBHigncryption , under which security proof of the proposed scheme is conducted. The most impressive feature of IBHigncryption , besides other desirable properties it offers, is its simplicity and efficiency, which might be somewhat surprising in retrospect. Our IBHigncryption has a much simpler setup stage with smaller public parameters and particularly no need of computing master public key. It is essentially as efficient as (if not more than) the fundamental CCA-secure Boneh-Franklin identity-based encryption scheme [14] , and has significant efficiency advantage over the IEEE 1363.3 standard of identity-based signcryption [8] .

Secure Remote Storage through Authenticated Encryption

Abstract: Storage systems are more distributed and more subject to attacks. Cryptographic file system gives a promising way to mitigate the danger of exposing data by using encryption and integrity protection methods and guarantee end-to-end security to clients. This paper describes SRSAE, a generic approach to cryptographic file system, as well as its realization in a distributed data storage environment. SRSAE applies authenticated encryption to each data block transferred between clients and the remote block devices. It provides strong data confidentiality and integrity protections through trusted IV (initialization vector) and MAC (message authentication code) comparison. Performance is optimized by buffering IV and MAC locally. Integration into original file system is presented with specific implementation. Related model, approach and system realization are elaborated, as well as testing results. Theoretical analysis and experimental simulations show that it is a practical and available way to build secure network storage system.