ICEPOLE: High-Speed, Hardware-Oriented Authenticated Encryption

  • Paweł Morawiecki
  • Kris Gaj
  • Ekawat Homsirikamol
  • Krystian Matusiewicz
  • Josef Pieprzyk
  • Marcin Rogawski
  • Marian Srebrny
  • Marcin Wójcik
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8731)


This paper introduces our dedicated authenticated encryption scheme ICEPOLE. ICEPOLE is a high-speed hardware-oriented scheme, suitable for high-throughput network nodes or generally any environment where specialized hardware (such as FPGAs or ASICs) can be used to provide high data processing rates. ICEPOLE-128 (the primary ICEPOLE variant) is very fast. On the modern FPGA device Virtex 6, a basic iterative architecture of ICEPOLE reaches 41 Gbits/s, which is over 10 times faster than the equivalent implementation of AES-128-GCM. The throughput-to-area ratio is also substantially better when compared to AES-128-GCM. We have carefully examined the security of the algorithm through a range of cryptanalytic techniques and our findings indicate that ICEPOLE offers high security level.


authenticated encryption scheme authenticated cipher ICEPOLE 


  1. 1.
    CAESAR: Competition for Authenticated Encryption: Security, Applicability, and Robustness,
  2. 2.
    Aumasson, J.P., Meier, W.: Zero-sum distinguishers for reduced Keccak-f and for the core functions of Luffa and Hamsi. Tech. rep., NIST mailing list (2009)Google Scholar
  3. 3.
    Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: On the Indifferentiability of the Sponge Construction. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 181–197. Springer, Heidelberg (2008) CrossRefGoogle Scholar
  4. 4.
    Bertoni, G., Daemen, J., Peeters, M., Assche, G.V.: On the security of the keyed sponge construction. Symmetric Key Encryption Workshop (SKEW) (February 2011)Google Scholar
  5. 5.
    Bertoni, G., Daemen, J., Peeters, M., Assche, G.V.: Permutation-based encryption, authentication and authenticated encryption (July 2012)Google Scholar
  6. 6.
    Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Cryptographic sponges,
  7. 7.
    Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Keccak sponge function family main document,
  8. 8.
    Bertoni, G., Daemen, J., Peeters, M., Assche, G.V.: Duplexing the sponge: single-pass authenticated encryption and other applications. Cryptology ePrint Archive, Report 2011/499 (2011),
  9. 9.
    Biham, E., Shamir, A.: Differential Cryptanalysis of DES-like Cryptosystems. Journal of Cryptology 4(1), 3–72 (1991)MathSciNetCrossRefzbMATHGoogle Scholar
  10. 10.
    Biryukov, A., Wagner, D.: Slide attacks. In: FSE, pp. 245–259 (1999)Google Scholar
  11. 11.
    Daemen, J., Rijmen, V.: The Design of Rijndael: AES - The Advanced Encryption Standard. Information Security and Cryptography. Springer (2002)Google Scholar
  12. 12.
    Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol. Tech. rep., Network Working Group (2008)Google Scholar
  13. 13.
    Dinur, I., Dunkelman, O., Shamir, A.: Collision attacks on up to 5 rounds of sha-3 using generalized internal differentials. Cryptology ePrint Archive, Report 2012/672 (2012),
  14. 14.
    Dinur, I., Shamir, A.: Cube attacks on tweakable black box polynomials. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 278–299. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  15. 15.
    Duc, A., Guo, J., Peyrin, T., Wei, L.: Unaligned Rebound Attack - Application to Keccak. Cryptology ePrint Archive, Report 2011/420 (2011)Google Scholar
  16. 16.
    Freier, A., Karlton, P., Kocher, P.: The Secure Sockets Layer (SSL) Protocol. Tech. rep., Internet Engineering Task Force, IETF (2011)Google Scholar
  17. 17.
    Gaj, K., Kaps, J.-P., Amirineni, V., Rogawski, M., Homsirikamol, E., Brewster, B.Y.: ATHENa - Automated Tool for Hardware EvaluatioN: Toward Fair and Comprehensive Benchmarking of Cryptographic Hardware Using FPGAs. In: FPL, pp. 414–421 (2010)Google Scholar
  18. 18.
    Homsirikamol, E., Morawiecki, P., Rogawski, M., Srebrny, M.: Security margin evaluation of SHA-3 contest finalists through SAT-based attacks. In: Cortesi, A., Chaki, N., Saeed, K., Wierzchoń, S. (eds.) CISIM 2012. LNCS, vol. 7564, pp. 56–67. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  19. 19.
    Junod, P., Vaudenay, S.: Perfect diffusion primitives for block ciphers. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 84–99. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  20. 20.
    Khovratovich, D., Nikolić, I.: Rotational cryptanalysis of ARX. In: Hong, S., Iwata, T. (eds.) FSE 2010. LNCS, vol. 6147, pp. 333–346. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  21. 21.
    Matsui, M., Yamagishi, A.: A new method for known plaintext attack of FEAL cipher. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol. 658, pp. 81–91. Springer, Heidelberg (1993)CrossRefGoogle Scholar
  22. 22.
    Morawiecki, P., Pieprzyk, J., Srebrny, M.: Rotational cryptanalysis of round-reduced Keccak. In: Moriai, S. (ed.) FSE 2013. LNCS, vol. 8424, pp. 241–262. Springer, Heidelberg (2014)Google Scholar
  23. 23.
    National Institute of Standards and Technology: Recommendations for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC. NIST special publication 800-38D (November 2007)Google Scholar
  24. 24.
    Rivest, R., Agre, B., Bailey, D.V., Crutchfield, C., Dodis, Y., Fleming, K.E., Khan, A., Krishnamurthy, J., Lin, Y., Reyzin, L., Shen, E., Sukha, J., Sutherland, D., Tromer, E., Yin, Y.L.: The MD6 hash function,
  25. 25.
    Soos, M.: CryptoMiniSat 2.5.0. In: SAT Race competitive event booklet (July 2010),

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • Paweł Morawiecki
    • 1
    • 2
  • Kris Gaj
    • 5
  • Ekawat Homsirikamol
    • 5
  • Krystian Matusiewicz
    • 8
  • Josef Pieprzyk
    • 3
    • 4
  • Marcin Rogawski
    • 7
  • Marian Srebrny
    • 1
    • 2
  • Marcin Wójcik
    • 6
  1. 1.Institute of Computer SciencePolish Academy of SciencesPoland
  2. 2.Section of InformaticsUniversity of CommerceKielcePoland
  3. 3.Department of ComputingMacquarie UniversityAustralia
  4. 4.Electrical Engineering and Computer Science School, Science and Engineering FacultyQueensland University of TechnologyBrisbaneAustralia
  5. 5.Cryptographic Engineering Research GroupGeorge Mason UniversityUSA
  6. 6.Cryptography and Information Security GroupUniversity of BristolUnited Kingdom
  7. 7.Cadence Design SystemsSan JoseUSA
  8. 8.IntelGdańskPoland

Personalised recommendations