Nothing Special   »   [go: up one dir, main page]

What a lovely hat

Is it made out of tin foil?

Paper 2023/978

$\textsf{PAE}$: Towards More Efficient and BBB-secure AE From a Single Public Permutation

Arghya Bhattacharjee, Indian Statistical Institute
Ritam Bhaumik, École Polytechnique
Avijit Dutta, Institute for Advancing Intelligence, TCG CREST
Eik List, Nanyang Technological University
Abstract

Four recent trends have emerged in the evolution of authenticated encryption schemes: (1) Regarding simplicity, the adoption of public permutations as primitives allows for sparing a key schedule and the need for storing round keys; (2) using the sums of permutation outputs, inputs, or outputs has been a well-studied means to achieve higher security beyond the birthday bound; (3) concerning robustness, schemes should provide graceful security degradation if a limited amount of nonces repeats during the lifetime of a key, and (4) Andreeva et al.'s ForkCipher approach can increase the efficiency of a scheme since they can use fewer rounds per output branch compared to full-round primitives. In this work, we improve on the state of the art by combining those aspects for efficient authenticated encryption. We propose $\textsf{PAE}$, an efficient nonce-based AE scheme that employs a public permutation and one call to an XOR-universal hash function. $\textsf{PAE}$ provides $O(2n/3)$-bit security and high throughput by combining forked public-permutation-based variants of $\textsf{nEHtM}$ and an Encrypted Davies-Meyer. Thus, it can use a single, in part round-reduced, public permutation for most operations, spare a key schedule, and guarantee security beyond the birthday bound even under limited nonce reuse.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. ICICS
Keywords
Symmetric-key cryptographyPermutationProvable Security.
Contact author(s)
bhattacharjeearghya29 @ gmail com
ritam bhaumik @ epfl ch
avirocks dutta13 @ gmail com
eik list @ ntu edu sg
History
2023-06-23: approved
2023-06-22: received
See all versions
Short URL
https://ia.cr/2023/978
License
No rights reserved
CC0

BibTeX

@misc{cryptoeprint:2023/978,
      author = {Arghya Bhattacharjee and Ritam Bhaumik and Avijit Dutta and Eik List},
      title = {$\textsf{{PAE}}$: Towards More Efficient and {BBB}-secure {AE} From a Single Public Permutation},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/978},
      year = {2023},
      url = {https://eprint.iacr.org/2023/978}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.