Sponge function

About: Sponge function is a research topic. Over the lifetime, 159 publications have been published within this topic receiving 3919 citations.

Investigating Cube Attacks on the Authenticated Encryption Stream Cipher MORUS

Abstract: We investigated the application of cube attacks to MORUS, a candidate in the CAESAR competition. We applied the cube attack to a version of MORUS where the initialization phase is reduced from 16 steps to 4. Our analysis shows that the cube attack can successfully recover the secret key of MORUS-640 with a total complexity of about 2^10 for this reduced version, and similarly for MORUS-1280 with complexity 2^9. Additionally, we obtained cubes resulting in distinguishers for 5 steps of the initialization of MORUS- 1280; these can distinguish the cipher output function from a random function with complexity of 2^8. All our attacks are verified experimentally. Currently, the cube attack does not threaten the security of MORUS if the full initialization phase is performed.

FPGA implementation and comparison of AES-GCM and Deoxys authenticated encryption schemes

Abstract: Authenticated Encryption (AE) schemes are key-based cryptographic algorithms that provide both goals of confidentiality of message and authenticity of the sender, simultaneously. Traditionally, Advanced Encryption Standard (AES) in Galois Counter Mode (AES-GCM), among several other approaches, has been employed for Authenticated Encryption. However, several lightweight cryptographic applications such as those used in sensor networks or RFID security can benefit from new AE schemes which can be constructed more efficiently. In this paper we provide evaluations for Deoxys, a third round candidate from the ongoing Competition for Authenticated Encryption: Security, Applicability, and Robustness (CAESAR). We describe simplified flow diagrams and a detailed summary on the timing performance, area, memory and energy requirements of AES-GCM and Deoxys, using our own implementations on Altera Cyclone V FPGAs. Our analysis shows that Deoxys requires 10% less energy per bit and 25% less LUTs as compared to AES-GCM.

Constructing chaos-based hash function via parallel impulse perturbation

Abstract: Secure hash functions, such as SHA-2 and SHA-3, play an important role in cryptography; however, they are unkeyed and cannot produce the specific hash value with a specified length. First, we constructed a 3D exponent chaotic map (3D-ECM) and analyzed its dynamical characteristics, which has ergodicity and better randomness within a larger parameter range, and can serve as sponge function to absorb message through parallel impulse perturbation to both exponent and state variable. The keyed hash function has a larger key space and can generate 224, 256, 384, 512 or longer hash value via parameter switcher. Theoretical analysis and numerical simulation demonstrated that the algorithm can meet all the performance requirements of a hash function in efficient and flexibility. Its practicable and reliable means high potential to be applied to blockchain or other cryptography area.

On the Homomorphic Computation of Symmetric Cryptographic Primitives

Abstract: We present an analysis on the homomorphic computability of different symmetric cryptographic primitives, with the goal of understanding their characteristics with respect to the homomorphic evaluation according to the BGV scheme. Specifically, we start from the framework presented by Gentry, Halevi and Smart for evaluating AES. We provide an improvement of it, then we perform a detailed evaluation on the homomorphic computation of cryptographic algorithms of different families Salsa20 stream cipher, SHA-256 hash function and Keccak sponge function. After the analysis, we report the performance results of the primitives we have implemented using the recently released HElib. In the conclusions we discuss our findings for the different primitives we have analyzed to draw a general conclusion on the homomorphic evaluation of symmetric cryptographic primitives.

AES-Based Authenticated Encryption Modes in Parallel High-Performance Software.

Abstract: Authenticated encryption (AE) has recently gained renewed interest due to the ongoing CAESAR competition. This paper deals with the performance of block cipher modes of operation for AE in parallel software. We consider the example of the AES on Intel’s new Haswell microarchitecture that has improved instructions for AES and finite field multiplication. As opposed to most previous high-performance software implementations of operation modes – that have considered the encryption of single messages – we propose to process multiple messages in parallel. We demonstrate that this message scheduling is of significant advantage for most modes. As a baseline for longer messages, the performance of AES-CBC encryption on a single core increases by factor 6.8 when adopting this approach. For the first time, we report optimized AES-NI implementations of the novel AE modes OTR, CLOC, COBRA, SILC, McOE-G, POET and Julius – both with single and multiple messages. For almost all AE modes considered, we obtain a consistent speed-up when processing multiple messages in parallel. Notably, among the nonce-based modes, CCM, CLOC and SILC get by factor 3.7 faster, achieving a performance comparable to GCM (the latter, however, possessing classes of weak keys), with OCB3 still performing at only 0.77 cpb. Among the nonce-misuse resistant modes, McOE-G receives a speed-up by more than factor 4 with a performance of about 1.62 cpb, with COPA consistently performing best at 1.45 cpb.