A Blockcipher Based Authentication Encryption

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9817)

Abstract

Authenticated encryption \(\left( \text {AE}\right) \) is a procedure that provides both privacy and authenticity of data. It has many applications in secure data communication, such as digital signatures, IPsec, data authentication, e-mail security, and the security of pervasive computing, and it is also a candidate primitive for securing IoT end devices, RFID, and other constrained devices. Many AE constructions exist, but a central question is whether a scheme must remain secure under nonce reuse or may assume a nonce-respecting adversary. To our knowledge, McOE is the pioneering nonce-reuse-resistant AE construction; it was followed by many schemes such as APE, PoE, TC, COPA, ElmE, ElmD, COBRA, and Minalpher. However, Hoang et al. \(\left( \text {OAE}1\right) \) showed that the notion of online nonce-misuse resistance targeted by these schemes does not provide meaningful security under nonce reuse, which re-opens the door for nonce-respecting AE. Moreover, because constrained devices have limited power and memory, an AE construction should be efficient and should carry a high security bound. We therefore propose a blockcipher-based AE with privacy bound \(\left( \text {Priv}=O\left( 2^{2n/3}\right) \right) \), beyond the birthday bound of \(2^{n/2}\), that operates in parallel mode. Its symmetric encryption module never requires the blockcipher's inverse (a decryption oracle), the construction is padding-free, and its efficiency rate is 1, i.e. one blockcipher call per message block.
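The abstract's properties (rate 1, parallel, forward-only blockcipher use, padding-free) and the nonce-reuse failure mode that motivates nonce-respecting AE are illustrated below by an added, generic encrypt-then-MAC example. This is not the paper's construction and carries none of its security bound: HMAC-SHA256 truncated to one block stands in for a forward blockcipher call so that it runs on the Python standard library alone, the 96-bit nonce / 32-bit counter split and the separate MAC key are assumptions, and the sample messages are constructed.

```python
import hashlib
import hmac
import secrets

BLOCK = 16          # n = 128 bits, as for a 128-bit blockcipher (AES, CLEFIA)
NONCE_LEN = 12      # assumed split: 96-bit nonce + 32-bit block counter


def prf(key: bytes, block: bytes) -> bytes:
    """Stand-in for one forward blockcipher call E_K(x).

    Assumption: HMAC-SHA256 truncated to n bits plays the keyed primitive so
    the example needs no third-party library.  Only this forward direction is
    ever invoked, on encryption and decryption alike, so no decryption oracle
    (E_K^{-1}) is needed anywhere.
    """
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, nonce: bytes, msg: bytes, stats=None):
    """Rate-1, parallel, padding-free encryption followed by a MAC.

    Block i of the message is masked with prf(ke, nonce || i).  The calls do
    not depend on each other, so they can run in parallel, and a trailing
    partial block is handled by truncating the mask rather than padding the
    message.  Returns (ciphertext, tag); if a dict is passed as `stats` the
    number of PRF calls is recorded in it.
    """
    if len(key) != 2 * BLOCK or len(nonce) != NONCE_LEN:
        raise ValueError("key must be 32 bytes, nonce 12 bytes")
    ke, kt = key[:BLOCK], key[BLOCK:]      # separate encryption and MAC keys
    ct = bytearray()
    calls = 0
    for i in range(0, len(msg), BLOCK):
        mask = prf(ke, nonce + (i // BLOCK).to_bytes(4, "big"))
        calls += 1
        chunk = msg[i:i + BLOCK]
        ct += xor(chunk, mask[:len(chunk)])
    # Encrypt-then-MAC over nonce and ciphertext under the second key.
    tag = hmac.new(kt, nonce + bytes(ct), hashlib.sha256).digest()[:BLOCK]
    if stats is not None:
        stats["prf_calls"] = calls          # rate 1: exactly ceil(|msg|/n) calls
    return bytes(ct), tag


def decrypt(key: bytes, nonce: bytes, ct: bytes, tag: bytes):
    """Verify the tag first; on success recover the message with the same
    forward PRF.  Returns None (and releases nothing) on a bad tag."""
    ke, kt = key[:BLOCK], key[BLOCK:]
    expected = hmac.new(kt, nonce + ct, hashlib.sha256).digest()[:BLOCK]
    if not hmac.compare_digest(expected, tag):
        return None
    msg = bytearray()
    for i in range(0, len(ct), BLOCK):
        mask = prf(ke, nonce + (i // BLOCK).to_bytes(4, "big"))
        chunk = ct[i:i + BLOCK]
        msg += xor(chunk, mask[:len(chunk)])
    return bytes(msg)


def nonce_reuse_leak(ct1: bytes, ct2: bytes) -> bytes:
    """What a passive eavesdropper computes from two ciphertexts.  Under a
    reused nonce both masks coincide, so this equals msg1 xor msg2."""
    return xor(ct1, ct2)


def demo():
    key = secrets.token_bytes(2 * BLOCK)
    n1, n2 = secrets.token_bytes(NONCE_LEN), secrets.token_bytes(NONCE_LEN)
    m1 = b"transfer 100 to account 42"     # constructed sample messages
    m2 = b"transfer 999 to account 07"
    c1, t1 = encrypt(key, n1, m1)
    c2, _ = encrypt(key, n1, m2)            # nonce reused: misuse
    c3, _ = encrypt(key, n2, m2)            # nonce respected
    return {
        "roundtrip": decrypt(key, n1, c1, t1) == m1,
        "reuse_leaks_xor": nonce_reuse_leak(c1, c2) == xor(m1, m2),
        "fresh_nonce_hides": nonce_reuse_leak(c1, c3) != xor(m1, m2),
    }


if __name__ == "__main__":
    print(demo())
```

The `reuse_leaks_xor` result is the practical content of the nonce-respect requirement: a scheme of this shape is only as private as the caller's nonce discipline, which is exactly what a constrained device with no reliable counter or entropy source tends to get wrong.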

Keywords

Blockcipher; Constrained device; Authentication; Compression function

References

  1. Rogaway, P.: Evaluation of Some Blockcipher Modes of Operation (2011). http://web.cs.ucdavis.edu/rogaway/papers/modes.pdf
  2. Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography, 5th edn. CRC Press, Boca Raton (2001)
  3. Stallings, W.: Data & Computer Communications, 10th edn. Pearson, Boston (2013)
  4. Hanaoka, G., Zheng, Y., Imai, H.: LITESET: a light-weight secure electronic transaction protocol. In: Boyd, C., Dawson, E. (eds.) ACISP 1998. LNCS, vol. 1438, pp. 215–226. Springer, Heidelberg (1998)
  5. Kim, H., Kim, T.: Design on mobile secure electronic transaction protocol with component based development. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds.) ICCSA 2004. LNCS, vol. 3043, pp. 461–470. Springer, Heidelberg (2004)
  6. Cao, L.-C.: Improving security of SET protocol based on ECC. In: Gong, Z., Luo, X., Chen, J., Lei, J., Wang, F.L. (eds.) WISM 2011, Part I. LNCS, vol. 6987, pp. 234–241. Springer, Heidelberg (2011)
  7. Lorenz, M.: Authentication and transaction security in e-business. In: Fischer-Hübner, S., Duquenoy, P., Zuccato, A., Martucci, L. (eds.) The Future of Identity in the Information Society, vol. 262, pp. 175–197. Springer, Heidelberg (2008)
  8. Bailey, D.V., Brainard, J., Rohde, S., Paar, C.: Wireless authentication and transaction-confirmation token. In: Obaidat, M.S., Filipe, J. (eds.) ICETE 2009. CCIS, vol. 130, pp. 186–198. Springer, Heidelberg (2011)
  9. Subpratatsavee, P., Kuacharoen, P.: Transaction authentication using HMAC-based one-time password and QR code. In: Park, J.J.J.H., Stojmenovic, I., Jeong, H.Y., Yi, G. (eds.) Computer Science and Its Applications. LNEE, vol. 330, pp. 93–98. Springer, Heidelberg (2015)
  10. Zhang, L., Wu, W., Wang, P.: Extended models for message authentication. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 286–301. Springer, Heidelberg (2009)
  11. Atzori, L., Iera, A., Morabito, G.: The internet of things: a survey. Comput. Netw. 54(15), 2787–2805 (2010)
  12. Zhou, Z., Tsang, K.F., Zhao, Z., Gaalou, W.: Data intelligence on the Internet of Things. Pers. Ubiquit. Comput. 20, 277–281 (2016). doi: 10.1007/s00779-016-0912_1
  13. Coppola, P., Mea, V.D., Gaspero, L.D., Lomuscio, R., Mischis, D., Mizzaro, S., Nazzi, E., Scagnetto, I., Vassena, L.: AI techniques in a context-aware ubiquitous environment. In: Hassanien, A.E., Abawajy, J.H., Abraham, A., Hagras, H. (eds.) Pervasive Computing. Computer Communications and Networks. Springer, Heidelberg (2009)
  14. Zhao, K., Ge, L.: A survey on the internet of things security. In: 9th CIS, pp. 663–667. IEEE (2013). ISBN 978-1-4799-2548-3
  15. Mennink, B.: Embedded security for internet of things. In: 2nd NCETACS, pp. 1–6. IEEE (2011). ISBN 978-1-4244-9578-8
  16. Zanella, A., Bui, N., Castellani, A., Vangelista, L., Zorzi, M.: Internet of things for smart cities. IEEE Internet Things J. 1(1), 22–32 (2014)
  17. Özen, O., Stam, M.: Another glance at double-length hashing. In: Parker, M.G. (ed.) Cryptography and Coding 2009. LNCS, vol. 5921, pp. 176–201. Springer, Heidelberg (2009)
  18. Andreeva, E., Bogdanov, A., Luykx, A., Mennink, B., Tischhauser, E., Yasuda, K.: Parallelizable and authenticated online ciphers. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part I. LNCS, vol. 8269, pp. 424–443. Springer, Heidelberg (2013)
  19. Andreeva, E., Bilgin, B., Bogdanov, A., Luykx, A., Mennink, B., Mouha, N., Yasuda, K.: APE: authenticated permutation-based encryption for lightweight cryptography. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 168–186. Springer, Heidelberg (2015)
  20. Abed, F., Fluhrer, S., Forler, C., List, E., Lucks, S., McGrew, D., Wenzel, J.: Pipelineable on-line encryption. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 205–223. Springer, Heidelberg (2015)
  21. Fleischmann, E., Forler, C., Lucks, S.: McOE: a family of almost foolproof on-line authenticated encryption schemes. In: Canteaut, A. (ed.) FSE 2012. LNCS, vol. 7549, pp. 196–215. Springer, Heidelberg (2012)
  22. Rogaway, P.: Efficient instantiations of tweakable blockciphers and refinements to modes OCB and PMAC. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 16–31. Springer, Heidelberg (2004)
  23. Yasuda, K.: A new variant of PMAC: beyond the birthday bound. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 596–609. Springer, Heidelberg (2011)
  24. Naito, Y.: Full PRF-secure message authentication code based on tweakable block cipher. In: Chakraborty, S. (ed.) ProvSec 2015. LNCS, vol. 9451, pp. 167–182. Springer, Heidelberg (2015). doi: 10.1007/978-3-319-26059-4_9
  25. Yau, A.K.L., Paterson, K.G., Mitchell, C.J.: Padding oracle attacks on CBC-mode encryption with secret and random IVs. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 299–319. Springer, Heidelberg (2005)
  26. Lee, T., Kim, J.-S., Lee, C.-H., Sung, J., Lee, S.-J., Hong, D.: Padding oracle attacks on multiple modes of operation. In: Park, C., Chee, S. (eds.) ICISC 2004. LNCS, vol. 3506, pp. 343–351. Springer, Heidelberg (2005)
  27. Paterson, K.G., Yau, A.K.L.: Padding oracle attacks on the ISO CBC mode encryption standard. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 305–323. Springer, Heidelberg (2004)
  28. Black, J.A., Rogaway, P., Shrimpton, T.: Black-box analysis of the block-cipher-based hash-function constructions from PGV. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 320–335. Springer, Heidelberg (2002)
  29. Black, J.A., Rogaway, P., Shrimpton, T., Stam, M.: An analysis of the blockcipher-based hash functions from PGV. J. Cryptol. 23, 519–545 (2010)
  30. Miyaji, A., Mazumder, R.: A new (n, 2n) double block length hash function based on single key scheduling. In: AINA, pp. 564–570. IEEE (2015)
  31. Hirose, S., Ideguchi, K., Kuwakado, H., Owada, T., Preneel, B., Yoshida, H.: A lightweight 256-bit hash function for hardware and low-end devices: Lesamnta-LW. In: Rhee, K.-H., Nyang, D.H. (eds.) ICISC 2010. LNCS, vol. 6829, pp. 151–168. Springer, Heidelberg (2011)
  32. Shirai, T., Shibutani, K., Akishita, T., Moriai, S., Iwata, T.: The 128-bit blockcipher CLEFIA (extended abstract). In: Biryukov, A. (ed.) FSE 2007. LNCS, vol. 4593, pp. 181–195. Springer, Heidelberg (2007). https://www.iacr.org/archive/fse2007/45930182/45930182.pdf
  33. Yoshida, H.: On the standardization of cryptographic application techniques for IoT devices in ITU-T and ISO/IEC JTC 1 (2015). https://www.ietf.org/proceedings/94/slides/slides-94-saag-2.pdf
  34. Bellare, M., Rogaway, P.: The security of triple encryption and a framework for code-based game-playing proofs. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 409–426. Springer, Heidelberg (2006)
  35. Hoang, V.T., Reyhanitabar, R., Rogaway, P., Vizár, D.: Online authenticated-encryption and its nonce-reuse misuse-resistance. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 493–517. Springer, Heidelberg (2015)
  36. Iwata, T., Minematsu, K., Guo, J., Morioka, S.: CLOC: authenticated encryption for short input. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 149–167. Springer, Heidelberg (2015)
  37. Iwata, T., Minematsu, K., Guo, J., Morioka, S., Kobayashi, E.: SILC: SImple Lightweight CFB. CAESAR competition submission. https://competitions.cr.yp.to/round2/silcv2.pdf
  38. Minematsu, K.: Parallelizable rate-1 authenticated encryption from pseudorandom functions. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 275–292. Springer, Heidelberg (2014)
  39. Chang, D., R., S.M., Sanadhya, S.K.: PPAE: practical parazoa authenticated encryption family. In: Au, M.-H., Miyaji, A. (eds.) ProvSec 2015. LNCS, vol. 9451, pp. 198–211. Springer, Heidelberg (2015). doi: 10.1007/978-3-319-26059-4_11

Copyright information

© IFIP International Federation for Information Processing 2016

Authors and Affiliations

  1. Graduate School of Engineering, Osaka University, Osaka, Japan
  2. Japan Advanced Institute of Science and Technology, Nomi, Japan
  3. Japan Science and Technology Agency (JST) CREST, Tokyo, Japan