
Authenticated encryption

About: Authenticated encryption is a research topic. Over the lifetime, 1328 publications have been published within this topic receiving 25968 citations. The topic is also known as: AEAD & Authenticated Encryption with Associated Data.


Papers
01 Jan 2014
TL;DR: This thesis explores the design and cryptanalysis of a novel, easily customizable AE algorithm based on the duplex construction that is believed to be highly secure and that should remain secure if customizations are made within the provided guidelines.
Design and Cryptanalysis of a Customizable Authenticated Encryption Algorithm. Matthew Joseph Kelly. Supervising Professors: Alan Kaminsky & Marcin Łukowiak.
Abstract: It is common knowledge that encryption is a useful tool for providing confidentiality. Authentication, however, is often overlooked. Authentication provides data integrity; it helps ensure that any tampering with or corruption of data is detected. It also provides assurance of message origin. Authenticated encryption (AE) algorithms provide both confidentiality and integrity/authenticity by processing plaintext and producing both ciphertext and a Message Authentication Code (MAC). It has been shown too many times throughout history that encryption without authentication is generally insecure. This has recently culminated in a push for new authenticated encryption algorithms. There are several authenticated encryption algorithms in existence already. However, these algorithms are often difficult to use correctly in practice. This is a significant problem because misusing AE constructions can result in reduced security in many cases. Furthermore, many existing algorithms have numerous undesirable features. For example, these algorithms often require two passes of the underlying cryptographic primitive to yield the ciphertext and MAC. This results in a longer runtime. It is clear that new easy-to-use, single-pass, and highly secure AE constructions are needed. Additionally, a new AE algorithm is needed that meets stringent requirements for use in the military and government sectors. This thesis explores the design and cryptanalysis of a novel, easily customizable AE algorithm based on the duplex construction. Emphasis is placed on designing a secure pseudorandom permutation (PRP) for use within the construction. A survey of state-of-the-art cryptanalysis methods is performed and the resistance of our algorithm against such methods is considered. The end result is an algorithm that is believed to be highly secure and that should remain secure if customizations are made within the provided guidelines.

10 citations
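The abstract above describes a single-pass, duplex-based AE mode and warns that misusing an AE construction weakens it. The following is an added illustration, not the thesis's algorithm and not code from the thesis author: a SpongeWrap-style duplex AEAD in which each duplex call absorbs a data block (with a frame byte for domain separation, an assumed convention), permutes the state, and exposes the rate as keystream for the next block and, at the end, as the tag. The permutation is a keyless Feistel network over SHA-256, chosen only because a Feistel network is a genuine bijection; it carries no security claim. The `demo()` function shows tampering and associated-data mismatch being rejected, and shows what nonce reuse leaks in this plaintext-feedback design.

```python
"""Toy duplex-mode AEAD in the SpongeWrap style (added illustration; not the
thesis's algorithm and NOT secure: the permutation is an unanalysed placeholder
used only to show the single-pass encrypt-and-authenticate structure)."""
import hashlib
import hmac

RATE = 16          # bytes of state exposed per duplex call (r)
STATE = 48         # permutation width in bytes; capacity c = STATE - RATE
BLOCK = RATE - 1   # data bytes per call; one byte is reserved for the frame
FRAME_KEY, FRAME_NONCE, FRAME_AD, FRAME_PT, FRAME_TAG = 1, 2, 3, 4, 5


def xor(a: bytes, b: bytes) -> bytes:
    """XOR truncated to the shorter input."""
    return bytes(x ^ y for x, y in zip(a, b))


def permute(state: bytes) -> bytes:
    """Keyless 4-round Feistel network over the 48-byte state. A Feistel
    network is a bijection whatever its round function, so this is a genuine
    permutation; it is a placeholder with no security claim (assumption)."""
    half = STATE // 2
    left, right = state[:half], state[half:]
    for rnd in range(4):
        f = hashlib.sha256(bytes([rnd]) + right).digest()[:half]
        left, right = right, xor(left, f)
    return left + right


def chunks(data: bytes):
    """Split into BLOCK-sized pieces; empty input still yields one empty block."""
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)] or [b""]


class DuplexAEAD:
    """One object = one (key, nonce) session. Encryption and authentication
    happen in the same pass over the data: every plaintext block is fed back
    into the state that later produces the tag."""

    def __init__(self, key: bytes, nonce: bytes):
        self.state = bytes(STATE)
        self.out = bytes(RATE)              # rate part after the last permutation
        self._absorb(key, FRAME_KEY)
        self._absorb(nonce, FRAME_NONCE)

    def _duplex(self, block: bytes, frame: int) -> bytes:
        # pad block with a frame byte (domain separation) then zeros to RATE,
        # XOR into the rate, permute, and expose the new rate as output
        padded = block + bytes([frame]) + bytes(BLOCK - len(block))
        self.state = permute(xor(self.state[:RATE], padded) + self.state[RATE:])
        self.out = self.state[:RATE]
        return self.out

    def _absorb(self, data: bytes, frame: int) -> None:
        for piece in chunks(data):
            self._duplex(piece, frame)

    def seal(self, ad: bytes, plaintext: bytes):
        self._absorb(ad, FRAME_AD)
        ct = b""
        for piece in chunks(plaintext):
            ct += xor(piece, self.out)      # keystream = rate from previous call
            self._duplex(piece, FRAME_PT)   # feed plaintext back: authenticates it
        return ct, self._duplex(b"", FRAME_TAG)   # tag = RATE bytes squeezed

    def unseal(self, ad: bytes, ct: bytes, tag: bytes):
        self._absorb(ad, FRAME_AD)
        pt = b""
        for piece in chunks(ct):
            p = xor(piece, self.out)
            pt += p
            self._duplex(p, FRAME_PT)
        # constant-time tag check; reject (return None) instead of releasing pt
        if not hmac.compare_digest(self._duplex(b"", FRAME_TAG), tag):
            return None
        return pt


def demo():
    """Constructed sample values; returns the checks a reader would want to see."""
    key, nonce = bytes(range(32)), bytes(12)
    ad, pt1 = b"route=42", b"attack at dawn, hold the bridge"
    ct1, tag1 = DuplexAEAD(key, nonce).seal(ad, pt1)
    flipped = bytes([ct1[0] ^ 0x80]) + ct1[1:]        # one-bit ciphertext change
    pt2 = b"retreat at noon, burn the bridge"
    ct2, _ = DuplexAEAD(key, nonce).seal(ad, pt2)     # nonce reuse (misuse)
    return {
        "roundtrip": DuplexAEAD(key, nonce).unseal(ad, ct1, tag1) == pt1,
        "tampered_ct_rejected": DuplexAEAD(key, nonce).unseal(ad, flipped, tag1) is None,
        "wrong_ad_rejected": DuplexAEAD(key, nonce).unseal(b"route=43", ct1, tag1) is None,
        # same key/nonce/AD => same keystream for the first block only; the
        # plaintext feedback makes later keystream diverge
        "nonce_reuse_leaks_first_block": xor(ct1, ct2)[:BLOCK] == xor(pt1, pt2)[:BLOCK],
        "later_blocks_diverge": xor(ct1, ct2)[BLOCK:] != xor(pt1, pt2)[BLOCK:],
    }
```

The two misuse checks are the practical point: a flipped ciphertext bit or a changed associated-data field changes the state that produces the tag, so `unseal` returns `None` rather than a corrupted plaintext; and reusing a nonce under the same key and associated data reproduces the keystream of the first block exactly (so the XOR of the two first blocks of plaintext is exposed), while the plaintext feedback makes later blocks diverge. A pure stream-mode AEAD would leak the XOR of the entire messages under the same misuse.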

Journal Article
TL;DR: An information-theoretic model for steganography in the presence of active adversaries is proposed by extending both Simmons' and Cachin's works, and a generic construction of stegosystems secure against active attacks is shown, using authenticated encryption in the unconditional setting.
Abstract: In this paper, we study unconditionally secure stegosystems against active attacks over an insecure channel in which an adversary can read and write a message. More specifically, we propose an information-theoretic model for steganography in the presence of active adversaries by extending both Simmons' and Cachin's works; and we show a generic construction of stegosystems secure against active attacks by using authenticated encryption in the unconditional setting. Although the idea behind this construction is already used in different models (i.e., computational models and/or information-theoretic models with passive adversaries) of steganography, our contribution lies in showing that the construction methodology provides provable and unconditional security against active adversaries.

10 citations

Journal Article
TL;DR: A proxy signature scheme is developed for protecting mobile agents against malicious agent hosts, and a proxy authenticated encryption scheme is designed so that the signature of the contracts will satisfy users' constraints, and the non-repudiation of servers can be achieved.
Abstract: The mobile agent plays an increasingly important role in electronic business applications, because it can provide the essential properties of personalization, automation and intelligence, etc. This paper proposes several appropriate security schemes for protecting mobile agent networks in electronic business applications. As far as mobile agent security is concerned, we develop a proxy signature scheme for protecting mobile agents against malicious agent hosts. The proposed proxy signature scheme can protect users' private keys stored in smart cards, and provide the fairness of contracts signed by agents. In addition, we also design a proxy authenticated encryption scheme so that the signature of the contracts will satisfy users' constraints, and the non-repudiation of servers can be achieved. On the other hand, as far as agent host security is concerned, we apply the idea of proxy signature to construct an authentication scheme for protecting agent hosts. This scheme is to achieve the requirements of authentication and authorization. Furthermore, we also implement the proposed security schemes to achieve security requirements of confidentiality, integrity, authenticity, and non-repudiation for protecting Linux-based mobile agents and hosts in an electronic auction application. Hence, we affirm that the proposed security schemes are suitable for practical electronic business applications in mobile-agent-based network environments.

10 citations

Proceedings Article
06 May 2014
TL;DR: This paper proposes a countermeasure that employs a new message format and requires only two gates (3.7 GE), which is essential to providing a single core for all the protected and unprotected applications of SHA-3.
Abstract: Keccak is a hashing function selected by NIST as the SHA-3 standard. Keccak provides an interesting opportunity to have a single core that can perform hashing, MAC generation, authenticated encryption and more. For all applications that involve processing of a secret key, side-channel protection should be considered. Indeed, the Keccak authors proposed threshold implementations using three and four shares. However, their proposal contradicts using the same core in different applications. Using a threshold implementation for unkeyed applications will involve a huge loss of performance (3x to 4x). In this paper, we solve this problem by proposing a countermeasure that employs a new message format and requires only two gates at 3.7 GE. For unkeyed applications, there will be no loss of any kind. For keyed applications, there will be a one-time performance loss that can be trivialized at long message lengths. Our contribution is essential to provide a single core for all the protected and unprotected applications of SHA-3.

10 citations

Proceedings Article
19 Nov 2019
TL;DR: This work proposes PFB, a lightweight TBC-based authenticated encryption with associated data mode, which achieves beyond-birthday-bound security and improves the key lifetime, particularly in lightweight blocks with a small size.
Abstract: The use of a small block length is a common strategy when designing lightweight (tweakable) block ciphers (TBCs), and several 64-bit primitives have been proposed. However, when such a 64-bit primitive is used for an authenticated encryption with birthday-bound security, it has only 32-bit data complexity, which is subject to practical attacks. To employ a short block length without compromising security, we propose PFB, a lightweight TBC-based authenticated encryption with associated data mode, which achieves beyond-birthday-bound security. For this purpose, we extend iCOFB, which is originally defined with a tweakable random function. Unlike iCOFB, the proposed method can be instantiated with a TBC using a fixed tweak length and can handle variable-length data. Moreover, its security bound is improved and independent of the data length; this improves the key lifetime, particularly in lightweight blocks with a small size. The proposed method also covers a broader class of feedback functions because of the generalization presented in our proof. We evaluate the concrete hardware performances of PFB, which benefits from the small block length and shows particularly good performances in threshold implementation.

10 citations


Network Information
Related Topics (5)
Public-key cryptography: 27.2K papers, 547.7K citations, 90% related
Cryptography: 37.3K papers, 854.5K citations, 89% related
Encryption: 98.3K papers, 1.4M citations, 86% related
Hash function: 31.5K papers, 538.5K citations, 84% related
Authentication: 74.7K papers, 867.1K citations, 83% related
Performance Metrics
No. of papers in the topic in previous years
Year   Papers
2023   19
2022   52
2021   67
2020   109
2019   111
2018   97