Sponge-based Parallel Authenticated Encryption with Variable Tag length and Side-Channel Protection
Authors
Abstract
Authenticated Encryption (AE) protects confidentiality and integrity at the same time. The sponge construction is based on an iterated permutation or transformation that can be used to implement hashing and AE schemes, among others. Sponge-based AE schemes offer desirable characteristics like parallelizability and incrementality. In addition, they provide security features such as protection against Chosen Plaintext Attacks, Chosen-Ciphertext Attacks, and Side-Channel Attacks (SCAs). Traditionally, AE schemes assume the tag length, also called the stretch, is a fixed parameter per key, and security is proved according to that assumption. However, variable tag length per key could happen due to misconfiguration or misuse. In that case, security would be violated, so it is vital to accommodate variable tag length without sacrificing other features. Reyhanitabar et al. proposed the Key Equivalent Separation by Stretch feature, concretized for misuse attacks in block cipher-based schemes. The problem remains unresolved in sponge-based constructions, where current schemes are vulnerable to tag length variation under misuse attacks. This work aims to bridge this gap by proposing a parallel, sponge-based AE scheme with variable tag length and protection against SCAs, and by suggesting a lower bound for the recommended tag length. Finally, the security of the scheme is discussed, and its performance is analyzed after implementing it in the C programming language.
Similar resources
ISAP - Towards Side-Channel Secure Authenticated Encryption
Side-channel attacks and in particular differential power analysis (DPA) attacks pose a serious threat to cryptographic implementations. One approach to counteract such attacks are cryptographic schemes based on fresh re-keying. In settings of pre-shared secret keys, such schemes render DPA attacks infeasible by deriving session keys and by ensuring that the attacker cannot collect side-channel...
Authenticated Encryption with Variable Stretch
In conventional authenticated-encryption (AE) schemes, the ciphertext expansion, a.k.a. stretch or tag length, is a constant or a parameter of the scheme that must be fixed per key. However, using variable-length tags per key can be desirable in practice or may occur as a result of a misuse. The RAE definition by Hoang, Krovetz, and Rogaway (Eurocrypt 2015), aiming at the best-possible AE securi...
ISAP - Authenticated Encryption Inherently Secure Against Passive Side-Channel Attacks
Side-channel attacks and in particular differential power analysis (DPA) attacks pose a serious threat to cryptographic implementations. One approach to counteract such attacks are cryptographic schemes based on fresh re-keying. In settings of pre-shared secret keys, such schemes render DPA infeasible by deriving session keys and by ensuring that the attacker cannot collect side-channel leakage...
Sufficient Conditions on Padding Schemes of Sponge Construction and Sponge-Based Authenticated-Encryption Scheme
Parallel authenticated encryption with the duplex construction
The authenticated encryption (AE) scheme based on the duplex construction cannot be parallelized at the algorithmic level. To be competitive with some block cipher based modes like OCB (Offset CodeBook) or GCM (Galois Counter Mode), a scheme should allow parallel processing. In this note we show how parallel AE can be realized within the framework provided by the duplex construction. The first...
Journal
Journal title: IEEE Access
Year: 2023
ISSN: 2169-3536
DOI: https://doi.org/10.1109/access.2023.3267161