Topic

Sponge function

About: Sponge function is a research topic. Over its lifetime, 159 publications have been published within this topic, receiving 3919 citations.


Papers
Journal Article
TL;DR: A modified HMPs authenticated encryption scheme with the same low expansion rate and lower communication costs but without the use of a one way function is proposed.

86 citations

Book Chapter
13 Apr 2003
TL;DR: A comprehensive treatment of forward-security in the context of shared-key based cryptographic primitives, as a practical means to mitigate the damage caused by key-exposure, identifies forward-secure pseudorandom bit generators as the central primitive and shows how forward-secure message authentication schemes and symmetric encryption schemes can be built based on standard schemes.
Abstract: This paper provides a comprehensive treatment of forward-security in the context of shared-key based cryptographic primitives, as a practical means to mitigate the damage caused by key-exposure. We provide definitions of security, practical proven-secure constructions, and applications for the main primitives in this area. We identify forward-secure pseudorandom bit generators as the central primitive, providing several constructions and then showing how forward-secure message authentication schemes and symmetric encryption schemes can be built based on standard schemes for these problems coupled with forward-secure pseudorandom bit generators. We then apply forward-secure message authentication schemes to the problem of maintaining secure access logs in the presence of break-ins.

81 citations

Journal Article
TL;DR: This paper provides the latest survey of stream ciphers for embedded systems, with a focus on lightweight implementations in embedded hardware and software as well as relevant authenticated encryption schemes.
Abstract: Pervasive computing constitutes a growing trend, aiming to embed smart devices into everyday objects. The limited resources of these devices and the ever-present need for lower production costs lead to the research and development of lightweight cryptographic mechanisms. Block ciphers, the main symmetric key cryptosystems, perform well in this field. Nevertheless, stream ciphers are also relevant in ubiquitous computing applications, as they can be used to secure the communication in applications where the plaintext length is either unknown or continuous, like network streams. This paper provides the latest survey of stream ciphers for embedded systems. Lightweight implementations of stream ciphers in embedded hardware and software are examined as well as relevant authenticated encryption schemes. Their speed and simplicity enable compact and low-power implementations and allow them to excel in applications pertaining to resource-constrained devices. The outcomes of the International Organization for Standardization/International Electrotechnical Commission 29192-3 standard and the cryptographic competitions eSTREAM and Competition for Authenticated Encryption: Security, Applicability, and Robustness are summarized along with the latest results in the field. However, cryptanalysis has proven many of these schemes are actually insecure. From the 31 designs that are examined, only six of them have been found to be secure by independent cryptanalysis. A constrained benchmark analysis is performed on low-cost embedded hardware and software platforms. The most appropriate and secure solutions are then mapped in different types of applications. Copyright © 2015 John Wiley & Sons, Ltd.

80 citations

Book Chapter
07 Dec 2014
TL;DR: The Sponge function is known to achieve $2^{c/2}$ security, where $c$ is its capacity; this paper shows that Sponge-based constructions for authenticated encryption can achieve the significantly higher bound of $\min\{2^{b/2}, 2^{c}, 2^{\kappa}\}$ asymptotically, with $b > c$ the permutation size and $\kappa$ the key length.
Abstract: The Sponge function is known to achieve $2^{c/2}$ security, where $c$ is its capacity. This bound was carried over to keyed variants of the function, such as SpongeWrap, to achieve a $\min\{2^{c/2}, 2^{\kappa}\}$ security bound, with $\kappa$ the key length. Similarly, many CAESAR competition submissions are designed to comply with the classical $2^{c/2}$ security bound. We show that Sponge-based constructions for authenticated encryption can achieve the significantly higher bound of $\min\{2^{b/2}, 2^{c}, 2^{\kappa}\}$ asymptotically, with $b > c$ the permutation size, by proving that the CAESAR submission NORX achieves this bound. Furthermore, we show how to apply the proof to five other Sponge-based CAESAR submissions: Ascon, CBEAM/STRIBOB, ICEPOLE, Keyak, and two out of the three PRIMATEs. A direct application of the result shows that the parameter choices of these submissions are overly conservative. Simple tweaks render the schemes considerably more efficient without sacrificing security. For instance, NORX64 can increase its rate and decrease its capacity by 128 bits and Ascon-128 can encrypt three times as fast, both without affecting the security level of their underlying modes in the ideal permutation model.

69 citations

Journal Article
TL;DR: KECCAK is the endpoint of a long learning process involving many intermediate designs, mostly gradual changes, but also some drastic changes of direction, and some of its building blocks can be traced back to its predecessor, RADIOGATÚN, and even earlier.
Abstract: The sponge function KECCAK is the versatile successor of SHA-1 and the SHA-2 series of hash functions. Its structure and components are quite different from its predecessors, and at first sight it seems like a complete break with the past. In this article, researchers show that KECCAK is the endpoint of a long learning process involving many intermediate designs, mostly gradual changes, but also some drastic changes of direction. Researchers take off from their attempts at fixing PANAMA [26], resulting in RADIOGATUN [4], and their insights on trail backtracking applied to generalizations of PANAMA and RADIOGATUN, known as alternating-input and belt-and-mill structures. They explain how they originally proposed the sponge construction to compactly express security claims for their designs and how they finally decided to use it in an actual design which would become KECCAK. Then, they explain the design choices made in KECCAK and how some of its building blocks can be traced back to its predecessor, RADIOGATUN, and even earlier.

56 citations

Network Information
Related Topics (5)
Cryptography: 37.3K papers, 854.5K citations, 78% related
Encryption: 98.3K papers, 1.4M citations, 77% related
Public-key cryptography: 27.2K papers, 547.7K citations, 75% related
Authentication: 74.7K papers, 867.1K citations, 73% related
Access control: 32.6K papers, 475K citations, 73% related
Performance
Metrics
No. of papers in the topic in previous years
Year    Papers
2021    1
2020    3
2019    5
2018    6
2017    14
2016    16