Sponge-Based Parallel Authenticated Encryption With Variable Tag Length and Side-Channel Protection

Authenticated Encryption (AE) protects confidentiality and integrity at the same time. The sponge construction is based on an iterated permutation or transformation that can be used to implement hashing, and AE schemes, among others. Sponge-based AE schemes offer desirable characteristics like paral...

Full description

Saved in:
Bibliographic Details
Main Authors: Jimale M.A., Abdullah N.A., Kiah M.L.B.M., Idris M.Y.I., Z'Aba M.R., Jamil N., Rohmad M.S.
Other Authors: 57440872300
Format: Article
Published: Institute of Electrical and Electronics Engineers Inc. 2024
Subjects:
Tags: Add Tag
No Tags, Be the first to tag this record!
id my.uniten.dspace-34735
record_format dspace
spelling my.uniten.dspace-347352024-10-14T11:22:11Z Sponge-Based Parallel Authenticated Encryption With Variable Tag Length and Side-Channel Protection Jimale M.A. Abdullah N.A. Kiah M.L.B.M. Idris M.Y.I. Z'Aba M.R. Jamil N. Rohmad M.S. 57440872300 26659416000 24833455600 7005361464 24726154700 36682671900 24463710800 Authenticated encryption integrity message authentication code nonce-based AE parallel AE privacy side-channel attacks sponge-based AE tag length variable stretch Authentication C (programming language) Authenticated encryption Cipher Code Integrity Message authentication codes Nonce-based authenticated encryption Parallel authenticated encryption Privacy Security Side-channel attacks Sponge-based authenticated encryption Tag length Variable stretch Side channel attack Authenticated Encryption (AE) protects confidentiality and integrity at the same time. The sponge construction is based on an iterated permutation or transformation that can be used to implement hashing, and AE schemes, among others. Sponge-based AE schemes offer desirable characteristics like parallelizability and incrementality. In addition, they provide security features such as protection against Chosen Plaintext Attacks, Chosen-Ciphertext Attacks, and Side-Channel Attacks (SCAs). Traditionally AE schemes assume the tag length, also called the stretch, as a fixed parameter per key, and the security is proved according to that assumption. However, the variable tag length per key could happen due to misconfiguration or misuse. In that case, the security would be violated, so it is vital to accommodate variable tag length without sacrificing other desirable features. Reyhanitabar et al. proposed Key Equivalent Separation by Stretch feature and concretized it for protection against tag length misuse attacks in block cipher-based AE schemes. However, the problem remains unresolved for sponge-based constructions, where current sponge-based schemes are vulnerable to tag length variation under the same key attacks. This work aims to bridge this gap by proposing a parallel, sponge-based AE scheme with a variable tag length per key that protects against SCAs and suggesting a lower bound for the recommended tag length. Finally, the security of the proposed scheme is discussed, and its performance is analyzed after implementing the proposed AE scheme in the C programming language. � 2013 IEEE. Final 2024-10-14T03:22:11Z 2024-10-14T03:22:11Z 2023 Article 10.1109/ACCESS.2023.3267161 2-s2.0-85153407063 https://www.scopus.com/inward/record.uri?eid=2-s2.0-85153407063&doi=10.1109%2fACCESS.2023.3267161&partnerID=40&md5=593dc191e9104317db7ec57fd5e065b8 https://irepository.uniten.edu.my/handle/123456789/34735 11 59661 59674 All Open Access Gold Open Access Institute of Electrical and Electronics Engineers Inc. Scopus
institution Universiti Tenaga Nasional
building UNITEN Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Tenaga Nasional
content_source UNITEN Institutional Repository
url_provider http://dspace.uniten.edu.my/
topic Authenticated encryption
integrity
message authentication code
nonce-based AE
parallel AE
privacy
side-channel attacks
sponge-based AE tag length
variable stretch
Authentication
C (programming language)
Authenticated encryption
Cipher
Code
Integrity
Message authentication codes
Nonce-based authenticated encryption
Parallel authenticated encryption
Privacy
Security
Side-channel attacks
Sponge-based authenticated encryption
Tag length
Variable stretch
Side channel attack
spellingShingle Authenticated encryption
integrity
message authentication code
nonce-based AE
parallel AE
privacy
side-channel attacks
sponge-based AE tag length
variable stretch
Authentication
C (programming language)
Authenticated encryption
Cipher
Code
Integrity
Message authentication codes
Nonce-based authenticated encryption
Parallel authenticated encryption
Privacy
Security
Side-channel attacks
Sponge-based authenticated encryption
Tag length
Variable stretch
Side channel attack
Jimale M.A.
Abdullah N.A.
Kiah M.L.B.M.
Idris M.Y.I.
Z'Aba M.R.
Jamil N.
Rohmad M.S.
Sponge-Based Parallel Authenticated Encryption With Variable Tag Length and Side-Channel Protection
description Authenticated Encryption (AE) protects confidentiality and integrity at the same time. The sponge construction is based on an iterated permutation or transformation that can be used to implement hashing, and AE schemes, among others. Sponge-based AE schemes offer desirable characteristics like parallelizability and incrementality. In addition, they provide security features such as protection against Chosen Plaintext Attacks, Chosen-Ciphertext Attacks, and Side-Channel Attacks (SCAs). Traditionally AE schemes assume the tag length, also called the stretch, as a fixed parameter per key, and the security is proved according to that assumption. However, the variable tag length per key could happen due to misconfiguration or misuse. In that case, the security would be violated, so it is vital to accommodate variable tag length without sacrificing other desirable features. Reyhanitabar et al. proposed Key Equivalent Separation by Stretch feature and concretized it for protection against tag length misuse attacks in block cipher-based AE schemes. However, the problem remains unresolved for sponge-based constructions, where current sponge-based schemes are vulnerable to tag length variation under the same key attacks. This work aims to bridge this gap by proposing a parallel, sponge-based AE scheme with a variable tag length per key that protects against SCAs and suggesting a lower bound for the recommended tag length. Finally, the security of the proposed scheme is discussed, and its performance is analyzed after implementing the proposed AE scheme in the C programming language. � 2013 IEEE.
author2 57440872300
author_facet 57440872300
Jimale M.A.
Abdullah N.A.
Kiah M.L.B.M.
Idris M.Y.I.
Z'Aba M.R.
Jamil N.
Rohmad M.S.
format Article
author Jimale M.A.
Abdullah N.A.
Kiah M.L.B.M.
Idris M.Y.I.
Z'Aba M.R.
Jamil N.
Rohmad M.S.
author_sort Jimale M.A.
title Sponge-Based Parallel Authenticated Encryption With Variable Tag Length and Side-Channel Protection
title_short Sponge-Based Parallel Authenticated Encryption With Variable Tag Length and Side-Channel Protection
title_full Sponge-Based Parallel Authenticated Encryption With Variable Tag Length and Side-Channel Protection
title_fullStr Sponge-Based Parallel Authenticated Encryption With Variable Tag Length and Side-Channel Protection
title_full_unstemmed Sponge-Based Parallel Authenticated Encryption With Variable Tag Length and Side-Channel Protection
title_sort sponge-based parallel authenticated encryption with variable tag length and side-channel protection
publisher Institute of Electrical and Electronics Engineers Inc.
publishDate 2024
_version_ 1814060132232855552
score 13.222552