Sponge-Based Parallel Authenticated Encryption With Variable Tag Length and Side-Channel Protection
Authenticated Encryption (AE) protects confidentiality and integrity at the same time. The sponge construction is based on an iterated permutation or transformation that can be used to implement hashing, and AE schemes, among others. Sponge-based AE schemes offer desirable characteristics like paral...
Saved in:
Main Authors: | , , , , , , |
---|---|
Other Authors: | |
Format: | Article |
Published: |
Institute of Electrical and Electronics Engineers Inc.
2024
|
Subjects: | |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
id |
my.uniten.dspace-34735 |
---|---|
record_format |
dspace |
spelling |
my.uniten.dspace-347352024-10-14T11:22:11Z Sponge-Based Parallel Authenticated Encryption With Variable Tag Length and Side-Channel Protection Jimale M.A. Abdullah N.A. Kiah M.L.B.M. Idris M.Y.I. Z'Aba M.R. Jamil N. Rohmad M.S. 57440872300 26659416000 24833455600 7005361464 24726154700 36682671900 24463710800 Authenticated encryption integrity message authentication code nonce-based AE parallel AE privacy side-channel attacks sponge-based AE tag length variable stretch Authentication C (programming language) Authenticated encryption Cipher Code Integrity Message authentication codes Nonce-based authenticated encryption Parallel authenticated encryption Privacy Security Side-channel attacks Sponge-based authenticated encryption Tag length Variable stretch Side channel attack Authenticated Encryption (AE) protects confidentiality and integrity at the same time. The sponge construction is based on an iterated permutation or transformation that can be used to implement hashing, and AE schemes, among others. Sponge-based AE schemes offer desirable characteristics like parallelizability and incrementality. In addition, they provide security features such as protection against Chosen Plaintext Attacks, Chosen-Ciphertext Attacks, and Side-Channel Attacks (SCAs). Traditionally AE schemes assume the tag length, also called the stretch, as a fixed parameter per key, and the security is proved according to that assumption. However, the variable tag length per key could happen due to misconfiguration or misuse. In that case, the security would be violated, so it is vital to accommodate variable tag length without sacrificing other desirable features. Reyhanitabar et al. proposed Key Equivalent Separation by Stretch feature and concretized it for protection against tag length misuse attacks in block cipher-based AE schemes. However, the problem remains unresolved for sponge-based constructions, where current sponge-based schemes are vulnerable to tag length variation under the same key attacks. This work aims to bridge this gap by proposing a parallel, sponge-based AE scheme with a variable tag length per key that protects against SCAs and suggesting a lower bound for the recommended tag length. Finally, the security of the proposed scheme is discussed, and its performance is analyzed after implementing the proposed AE scheme in the C programming language. � 2013 IEEE. Final 2024-10-14T03:22:11Z 2024-10-14T03:22:11Z 2023 Article 10.1109/ACCESS.2023.3267161 2-s2.0-85153407063 https://www.scopus.com/inward/record.uri?eid=2-s2.0-85153407063&doi=10.1109%2fACCESS.2023.3267161&partnerID=40&md5=593dc191e9104317db7ec57fd5e065b8 https://irepository.uniten.edu.my/handle/123456789/34735 11 59661 59674 All Open Access Gold Open Access Institute of Electrical and Electronics Engineers Inc. Scopus |
institution |
Universiti Tenaga Nasional |
building |
UNITEN Library |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
Universiti Tenaga Nasional |
content_source |
UNITEN Institutional Repository |
url_provider |
http://dspace.uniten.edu.my/ |
topic |
Authenticated encryption integrity message authentication code nonce-based AE parallel AE privacy side-channel attacks sponge-based AE tag length variable stretch Authentication C (programming language) Authenticated encryption Cipher Code Integrity Message authentication codes Nonce-based authenticated encryption Parallel authenticated encryption Privacy Security Side-channel attacks Sponge-based authenticated encryption Tag length Variable stretch Side channel attack |
spellingShingle |
Authenticated encryption integrity message authentication code nonce-based AE parallel AE privacy side-channel attacks sponge-based AE tag length variable stretch Authentication C (programming language) Authenticated encryption Cipher Code Integrity Message authentication codes Nonce-based authenticated encryption Parallel authenticated encryption Privacy Security Side-channel attacks Sponge-based authenticated encryption Tag length Variable stretch Side channel attack Jimale M.A. Abdullah N.A. Kiah M.L.B.M. Idris M.Y.I. Z'Aba M.R. Jamil N. Rohmad M.S. Sponge-Based Parallel Authenticated Encryption With Variable Tag Length and Side-Channel Protection |
description |
Authenticated Encryption (AE) protects confidentiality and integrity at the same time. The sponge construction is based on an iterated permutation or transformation that can be used to implement hashing, and AE schemes, among others. Sponge-based AE schemes offer desirable characteristics like parallelizability and incrementality. In addition, they provide security features such as protection against Chosen Plaintext Attacks, Chosen-Ciphertext Attacks, and Side-Channel Attacks (SCAs). Traditionally AE schemes assume the tag length, also called the stretch, as a fixed parameter per key, and the security is proved according to that assumption. However, the variable tag length per key could happen due to misconfiguration or misuse. In that case, the security would be violated, so it is vital to accommodate variable tag length without sacrificing other desirable features. Reyhanitabar et al. proposed Key Equivalent Separation by Stretch feature and concretized it for protection against tag length misuse attacks in block cipher-based AE schemes. However, the problem remains unresolved for sponge-based constructions, where current sponge-based schemes are vulnerable to tag length variation under the same key attacks. This work aims to bridge this gap by proposing a parallel, sponge-based AE scheme with a variable tag length per key that protects against SCAs and suggesting a lower bound for the recommended tag length. Finally, the security of the proposed scheme is discussed, and its performance is analyzed after implementing the proposed AE scheme in the C programming language. � 2013 IEEE. |
author2 |
57440872300 |
author_facet |
57440872300 Jimale M.A. Abdullah N.A. Kiah M.L.B.M. Idris M.Y.I. Z'Aba M.R. Jamil N. Rohmad M.S. |
format |
Article |
author |
Jimale M.A. Abdullah N.A. Kiah M.L.B.M. Idris M.Y.I. Z'Aba M.R. Jamil N. Rohmad M.S. |
author_sort |
Jimale M.A. |
title |
Sponge-Based Parallel Authenticated Encryption With Variable Tag Length and Side-Channel Protection |
title_short |
Sponge-Based Parallel Authenticated Encryption With Variable Tag Length and Side-Channel Protection |
title_full |
Sponge-Based Parallel Authenticated Encryption With Variable Tag Length and Side-Channel Protection |
title_fullStr |
Sponge-Based Parallel Authenticated Encryption With Variable Tag Length and Side-Channel Protection |
title_full_unstemmed |
Sponge-Based Parallel Authenticated Encryption With Variable Tag Length and Side-Channel Protection |
title_sort |
sponge-based parallel authenticated encryption with variable tag length and side-channel protection |
publisher |
Institute of Electrical and Electronics Engineers Inc. |
publishDate |
2024 |
_version_ |
1814060132232855552 |
score |
13.222552 |