Abstract
We study authenticated encryption (AE) modes dedicated to very short messages, which are crucial for Internet-of-Things applications. Since the existing general-purpose AE modes need at least three block cipher calls for non-empty messages, we explore the design space of AE modes that use at most two calls. We propose a family of AE modes, dubbed \(\textsf{Manx}\), that works when the total input length is less than 2n bits, using an n-bit block cipher. Notably, the second construction of \(\textsf{Manx}\) can encrypt an almost n-bit plaintext and saves one or two block cipher calls compared to standard modes such as \(\textsf{GCM}\) or \(\textsf{OCB}\), while keeping comparable provable security. We also present benchmarks on popular 8/32-bit microprocessors using AES. Our results show the clear advantage of \(\textsf{Manx}\) over the previous modes for such short messages.
K. Minematsu—This work was conducted as part of his duties at Yokohama National University.
Notes
1. We mean the latest OCB3 [25] throughout the paper.
2. Manx are felines with very short tails.
3.
4. This can happen e.g. \(\textsf{vencode}(N,A)=(A,N)\) with |A| fixed to n.
5.
References
Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC. NIST Special Publication 800-38D (2007). National Institute of Standards and Technology
Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality. NIST Special Publication 800-38C (2007). National Institute of Standards and Technology
Sigfox Technical Overview (2017). https://www.ismac-nc.net/wp/wp-content/uploads/2017/08/sigfoxtechnicaloverviewjuly2017-170802084218.pdf. Accessed 23 Jan 2023
Submission Requirements and Evaluation Criteria for the Lightweight Cryptography Standardization Process (2018). https://csrc.nist.gov/CSRC/media/Projects/Lightweight-Cryptography/documents/final-lwc-submission-requirements-august2018.pdf. Accessed 23 Jan 2023
EnOcean Serial Protocol 3 (ESP3) Specification (2020). https://www.enocean.com/wp-content/uploads/Knowledge-Base/EnOceanSerialProtocol3.pdf. Accessed 23 Jan 2023
Adomnicai, A., Peyrin, T.: Fixslicing AES-like ciphers. IACR TCHES 2021(1), 402–425 (2021). https://doi.org/10.46586/tches.v2021.i1.402-425, https://tches.iacr.org/index.php/TCHES/article/view/8739
Andreeva, E., Lallemand, V., Purnal, A., Reyhanitabar, R., Roy, A., Vizár, D.: ForkAE. A submission to NIST Lightweight Cryptography (2019)
Andreeva, E., Lallemand, V., Purnal, A., Reyhanitabar, R., Roy, A., Vizár, D.: Forkcipher: a new primitive for authenticated encryption of very short messages. In: Galbraith, S.D., Moriai, S. (eds.) ASIACRYPT 2019, Part II. LNCS, vol. 11922, pp. 153–182. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-34621-8_6
Banik, S., et al.: GIFT-COFB. A submission to NIST Lightweight Cryptography (2019)
Banik, S., Pandey, S.K., Peyrin, T., Sasaki, Yu., Sim, S.M., Todo, Y.: GIFT: a small present. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 321–345. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66787-4_16
Bellare, M., Desai, A., Jokipii, E., Rogaway, P.: A concrete security treatment of symmetric encryption. In: FOCS, pp. 394–403. IEEE Computer Society (1997)
Bellare, M., Goldreich, O., Mityagin, A.: The power of verification queries in message authentication and authenticated encryption. Cryptology ePrint Archive, Report 2004/309 (2004). https://eprint.iacr.org/2004/309
Bellare, M., Namprempre, C.: Authenticated encryption: relations among notions and analysis of the generic composition paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 531–545. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-44448-3_41
Bellare, M., Ng, R., Tackmann, B.: Nonces are noticed: AEAD revisited. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019, Part I. LNCS, vol. 11692, pp. 235–265. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26948-7_9
Bellare, M., Rogaway, P.: Encode-then-encipher encryption: how to exploit nonces or redundancy in plaintexts for efficient cryptography. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 317–330. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-44448-3_24
Bos, J.W., Osvik, D.A., Stefan, D.: Fast Implementations of AES on Various Platforms. Cryptology ePrint Archive, Paper 2009/501 (2009). https://eprint.iacr.org/2009/501
Chakraborti, A., Iwata, T., Minematsu, K., Nandi, M.: Blockcipher-Based authenticated encryption: how small can we go? In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 277–298. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66787-4_14
Dobraunig, C., Eichlseder, M., Mendel, F., Schläffer, M.: Ascon. A submission to NIST Lightweight Cryptography (2019)
Guo, C., Iwata, T., Khairallah, M., Minematsu, K., Peyrin, T.: Romulus. A submission to NIST Lightweight Cryptography (2019)
Iwata, T., Kurosawa, K.: OMAC: one-key CBC MAC. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 129–153. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-39887-5_11
Iwata, T., Minematsu, K., Guo, J., Morioka, S.: CLOC: authenticated encryption for short input. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 149–167. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46706-0_8
Katz, J., Yung, M.: Unforgeable encryption and chosen ciphertext secure modes of operation. In: Goos, G., Hartmanis, J., van Leeuwen, J., Schneier, B. (eds.) FSE 2000. LNCS, vol. 1978, pp. 284–299. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44706-7_20
Khovratovich, D.: Key wrapping with a fixed permutation. In: Benaloh, J. (ed.) CT-RSA 2014. LNCS, vol. 8366, pp. 481–499. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-04852-9_25
Kim, Y., Seo, S.C.: Efficient implementation of AES and CTR_DRBG on 8-Bit AVR-based sensor nodes. IEEE Access 9, 30496–30510 (2021). https://doi.org/10.1109/ACCESS.2021.3059623
Krovetz, T., Rogaway, P.: The software performance of authenticated-encryption modes. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 306–327. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-21702-9_18
van Laethem, A.: Optimizing constant bitshifts on AVR (2021). https://aykevl.nl/2021/02/avr-bitshift. Accessed 23 Jan 2023
Liskov, M., Rivest, R.L., Wagner, D.: Tweakable block ciphers. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 31–46. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45708-9_3
Malik, H., Alam, M.M., Moullec, Y.L., Kuusik, A.: NarrowBand-IoT performance analysis for healthcare applications. In: ANT/SEIT 2018. Procedia Comput. Sci. 130, 1077–1083. Elsevier (2018)
Minematsu, K.: Improved security analysis of XEX and LRW modes. In: Biham, E., Youssef, A.M. (eds.) SAC 2006. LNCS, vol. 4356, pp. 96–113. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74462-7_8
Poettering, B.: AVRAES: The AES block cipher on AVR controllers. http://point-at-infinity.org/avraes/. Accessed 23 Jan 2023
Rogaway, P.: Authenticated-encryption with associated-data. In: Atluri, V. (ed.) ACM CCS 2002, pp. 98–107. ACM Press, November 2002. https://doi.org/10.1145/586110.586125
Rogaway, P.: Efficient instantiations of tweakable blockciphers and refinements to modes OCB and PMAC. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 16–31. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30539-2_2
Rogaway, P., Shrimpton, T.: A provable-security treatment of the Key-Wrap problem. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 373–390. Springer, Heidelberg (2006). https://doi.org/10.1007/11761679_23
Acknowledgements
We thank Yoshinori Aono and Takenobu Seito for the fruitful discussions.
This research was in part conducted under a contract of “Research and development on IoT malware removal/make it non-functional technologies for effective use of the radio spectrum” among “Research and Development for Expansion of Radio Wave Resources (JPJ000254)”, which was supported by the Ministry of Internal Affairs and Communications, Japan. This work was in part supported by JSPS KAKENHI Grant Number JP22K19773.
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
Cite this paper
Adomnicăi, A., Minematsu, K., Shikata, J. (2023). Authenticated Encryption for Very Short Inputs. In: Rosulek, M. (eds) Topics in Cryptology – CT-RSA 2023. CT-RSA 2023. Lecture Notes in Computer Science, vol 13871. Springer, Cham. https://doi.org/10.1007/978-3-031-30872-7_21
DOI: https://doi.org/10.1007/978-3-031-30872-7_21
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-30871-0
Online ISBN: 978-3-031-30872-7