Academic Journal
Beyond conventional security in sponge-based authenticated encryption modes
| العنوان: | Beyond conventional security in sponge-based authenticated encryption modes |
|---|---|
| المؤلفون: | Jovanovic, Philipp, Luykx, Atul, Mennink, Bart, Sasaki, Yu, Yasuda, Kan |
| المصدر: | Journal of Cryptology , 32 pp. 895-940. (2023) |
| بيانات النشر: | Springer Verlag |
| سنة النشر: | 2023 |
| المجموعة: | University College London: UCL Discovery |
| مصطلحات موضوعية: | Authenticated encryption, CAESAR, Ascon, CBEAM, ICEPOLE, Keyak, NORX, PRIMATEs, STRIBOB, Multi-collisions. |
| الوصف: | The Sponge function is known to achieve 2c/2 security, where c is its capacity. This bound was carried over to its keyed variants, such as SpongeWrap, to achieve a min{2c/2, 2κ } security bound, with κ the key length. Similarly, many CAESAR competition submissions were designed to comply with the classical 2c/2 security bound. We show that Sponge-based constructions for authenticated encryption can achieve the significantly higher bound of min{2b/2, 2c, 2κ }, with b > c the permutation size, by proving that the CAESAR submission NORX achieves this bound. The proof relies on rigorous computation of multi-collision probabilities, which may be of independent interest. We additionally derive a generic attack based on multi-collisions that matches the bound. We show how to apply the proof to five other Sponge-based CAESAR submissions: Ascon, CBEAM/STRIBOB, ICEPOLE, Keyak, and two out of the three PRIMATEs. A direct application of the result shows that the parameter choices of some of these submissions are overly conservative. Simple tweaks render the schemes considerably more efficient without sacrificing security. We finally consider the remaining one of the three PRIMATEs, APE, and derive a blockwise adaptive attack in the noncerespecting setting with complexity 2c/2, therewith demonstrating that the techniques cannot be applied to APE. |
| نوع الوثيقة: | article in journal/newspaper |
| وصف الملف: | text |
| اللغة: | English |
| Relation: | https://discovery.ucl.ac.uk/id/eprint/10182191/1/Beyond%20Conventional%20Security%20in%20Sponge-Based%20Authenticated%20Encryption%20Modes.pdf; https://discovery.ucl.ac.uk/id/eprint/10182191/ |
| الاتاحة: | https://discovery.ucl.ac.uk/id/eprint/10182191/1/Beyond%20Conventional%20Security%20in%20Sponge-Based%20Authenticated%20Encryption%20Modes.pdf https://discovery.ucl.ac.uk/id/eprint/10182191/ |
| Rights: | open |
| رقم الانضمام: | edsbas.A8FF06AC |
| قاعدة البيانات: | BASE |
| الوصف غير متاح. |