Authenticated encryption

About: Authenticated encryption is a research topic. Over the lifetime, 1328 publications have been published within this topic receiving 25968 citations. The topic is also known as: AEAD & Authenticated Encryption with Associated Data.

Authenticated Secret Key Generation in Delay Constrained Wireless Systems.

Abstract: With the emergence of 5G low latency applications, such as haptics and V2X, low complexity and low latency security mechanisms are sought. Promising lightweight mechanisms include physical unclonable functions (PUF) and secret key generation (SKG) at the physical layer, as considered in this paper. In this framework we propose i) a novel authenticated encryption using SKG; ii) a combined PUF / SKG authentication to reduce computational overhead; iii) a 0-RTT resumption authentication protocol; iv) pipelining of the SKG and the encrypted data transfer. With respect to the latter, we investigate a parallel SKG approach for multi-carrier systems, where a subset of the subcarriers are used for SKG and the rest for data transmission. The optimal resource allocation is identified under security, power and delay constraints, by formulating the subcarrier allocation as a subset-sum $0-1$ knapsack optimization problem. A heuristic approach of linear complexity is proposed and shown to incur negligible loss with respect to the optimal dynamic programming solution. All of the proposed mechanisms, have the potential to pave the way for a new breed of latency aware security protocols.

Looting the LUTs: FPGA Optimization of AES and AES-like Ciphers for Authenticated Encryption

Abstract: In this paper, we investigate the efficiency of FPGA implementations of AES and AES-like ciphers, specially in the context of authenticated encryption. We consider the encryption/decryption and the authentication/verification structures of OCB-like modes (like OTR or SCT modes). Their main advantage is that they are fully parallelisable. While this feature has already been used to increase the throughput/performance of hardware implementations, it is usually overlooked while comparing different ciphers. We show how to use it with zero area overhead, leading to a very significant efficiency gain. Additionally, we show that using FPGA technology mapping instead of logic optimization, the area of both the linear and non linear parts of the round function of several AES-like primitives can be reduced, without affecting the run-time performance. We provide the implementation results of two multi-stream implementations of both the LED and AES block ciphers. The AES implementation in this paper achieves an efficiency of 38 Mbps/slice, which is the most efficient implementation in literature, to the best of our knowledge. For LED, achieves 2.5 Mbps/slice on Spartan 3 FPGA, which is 2.57x better than the previous implementation. Besides, we use our new techniques to optimize the FPGA implementation of the CAESAR candidate Deoxys-I in both the encryption only and encryption/decryption settings. Finally, we show that the efficiency gains of the proposed techniques extend to other technologies, such as ASIC, as well.

Bitstream Protection in Dynamic Partial Reconfiguration Systems Using Authenticated Encryption

Abstract: Protecting the confidentiality and integrity of a configuration bitstream is essential for the dynamic partial reconfiguration (DPR) of field-programmable gate arrays (FPGAs). This is because erroneous or falsified bitstreams can cause fatal damage to FPGAs. In this paper, we present a high-speed and area-efficient bitstream protection scheme for DPR systems using the Advanced Encryption Standard with Galois/ Counter Mode (AES-GCM), which is an authenticated encryption algorithm. Unlike many previous studies, our bitstream protection scheme also provides a mechanism for error recovery and tamper resistance against configuration block deletion, insertion, and disorder. The implementation and evaluation results show that our DPR scheme achieves a higher performance, in terms of speed and area, than previous methods. key words: dynamic partial reconfiguration (DPR), field-programmable gate array (FPGA), Advanced Encryption Standard (AES), Galois/Counter Mode (GCM), authenticated encryption

Improved Cube Attacks on Some Authenticated Encryption Ciphers and Stream Ciphers in the Internet of Things

Abstract: With technical development and internet popularization, Internet of Things (IoT) technology is gaining a wider application in various fields. Key challenges in the growth of IoT are related to privacy and security. To avoid any possible malicious attacks, employing cryptosystems is widely recognized as one of the most effective approaches to implement confidentiality, integrity, and message authentication for the security of IoT. In this work, we investigate the security of Authenticated Encryption ciphers and stream cipher by using the improved cube attack. Firstly, we introduce a method to identify good cubes, which leads to the largest-round distinguisher. Our idea is based on the greedy algorithm of finding cubes and the numeric mapping method for estimating the algebraic degree of the NFSR-based cryptosystem. By using this method, we can efficiently explore useful cubes from a large search space. Further, we evaluate the security of several cryptographic primitives against the cube attack by using the SAT model of division property and flag technique, which can make the propagation of division property more accurately. Experiments show that we can obtain some new or improved cryptanalysis on MORUS-640-128, TRIAD, Quartet, TriviA-ck-v2, and Enhanced-bivium. The attacks can improve the number of attacking rounds and efficiency, and provide a vital reference for security analysis of other Authenticated Encryption ciphers and lightweight stream ciphers.

Dumbo, Jumbo, and Delirium: Parallel Authenticated Encryption for the Lightweight Circus

Abstract: With the trend to connect more and more devices to the Internet, authenticated encryption has become a major backbone in securing the communication, not only between these devices and servers, but also the direct communication among these devices. Most authenticated encryption algorithms used in practice are developed to perform well on modern high-end devices, but are not necessarily suited for usage on resource-constrained devices. We present a lightweight authenticated encryption scheme, called Elephant. Elephant retains the advantages of GCM such as parallelism, but is tailored to the needs of resource-constrained devices. The two smallest instances of Elephant, Dumbo and Jumbo, are based on the 160-bit and 176-bit Spongent permutation, respectively, and are particularly suited for hardware; the largest instance of Elephant, Delirium, is based on 200-bit Keccak and is developed towards software use. All three instances are parallelizable, have a small state size while achieving a high level of security, and are constant time by design.