Sponge-Based Parallel Authenticated Encryption With Variable Tag Length and Side-Channel Protection

Document Type

Article

Publication Date

1-1-2023

Abstract

Authenticated Encryption (AE) protects confidentiality and integrity at the same time. The sponge construction is based on an iterated permutation or transformation that can be used to implement hashing, and AE schemes, among others. Sponge-based AE schemes offer desirable characteristics like parallelizability and incrementality. In addition, they provide security features such as protection against Chosen Plaintext Attacks, Chosen-Ciphertext Attacks, and Side-Channel Attacks (SCAs). Traditionally AE schemes assume the tag length, also called the stretch, as a fixed parameter per key, and the security is proved according to that assumption. However, the variable tag length per key could happen due to misconfiguration or misuse. In that case, the security would be violated, so it is vital to accommodate variable tag length without sacrificing other desirable features. Reyhanitabar et al. proposed Key Equivalent Separation by Stretch feature and concretized it for protection against tag length misuse attacks in block cipher-based AE schemes. However, the problem remains unresolved for sponge-based constructions, where current sponge-based schemes are vulnerable to tag length variation under the same key attacks. This work aims to bridge this gap by proposing a parallel, sponge-based AE scheme with a variable tag length per key that protects against SCAs and suggesting a lower bound for the recommended tag length. Finally, the security of the proposed scheme is discussed, and its performance is analyzed after implementing the proposed AE scheme in the C programming language.

Keywords

Authenticated encryption, integrity, message authentication code, nonce-based AE, parallel AE, privacy, side-channel attacks, sponge-based AE tag length, variable stretch

Divisions

Computer

Funders

Fundamental Research Grant Scheme (FRGS) of the Ministry of Higher Education, Malaysia (FP072-2019A) ; (FRGS/1/2019/ICT05/UM/02/1)

Publication Title

IEEE Access

Volume

11

Publisher

Institute of Electrical and Electronics Engineers

Publisher Location

445 HOES LANE, PISCATAWAY, NJ 08855-4141 USA

This document is currently not available here.

Share

COinS