π-Cipher: Authenticated Encryption for Big Data

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8788)


In today’s world of big data and rapidly increasing telecommunications, using secure cryptographic primitives that are parallelizable and incremental is becoming ever more important design goal. π-Cipher is parallel, incremental, nonce based authenticated encryption cipher with associated data. It is designed with the special purpose of providing confidentiality and integrity for big data in transit or at rest. It has, as an option, a secret part of the nonce which provides noncemisuse resistance. The design involves operations of several solid cryptographic concepts such as the Encrypt-then-MAC principle, the XOR MAC scheme and the two-pass sponge construction. It contains parameters that can provide the functionality of tweakable block ciphers for authenticated encryption of data at rest. The security of the cipher relies on the core permutation function based on ARX (Addition, Rotation and XOR) operations. π-Cipher offers several security levels ranging from 96 to 256 bits.


Authenticated encryption AEAD parallelizability incrementality nonce-misuse resistance sponge construction 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bellare, M., Guérin, R., Rogaway, P.: XOR MACs: New methods for message authentication using finite pseudorandom functions. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 15–28. Springer, Heidelberg (1995)Google Scholar
  2. 2.
    Bernstein, D.J.: Caesar: Competition for authenticated encryption: Security, applicability, and robustness. CAESAR web page (2013),
  3. 3.
    Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: On the indifferentiability of the sponge construction. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 181–197. Springer, Heidelberg (2008)Google Scholar
  4. 4.
    Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Duplexing the sponge: Single-pass authenticated encryption and other applications. In: Miri, A., Vaudenay, S. (eds.) SAC 2011. LNCS, vol. 7118, pp. 320–337. Springer, Heidelberg (2012)Google Scholar
  5. 5.
    Cisco. Cisco visual networking index: Forecast and methodology, 2012-2017. White Paper (May 2013),
  6. 6.
    Ferguson, N., Whiting, D., Housley, R.: Counter with cbc-mac (ccm). IETF Request for Comments: 3610 (September 2003),
  7. 7.
    EMC: The emc digital universe study – with research and analysis by idc. Open Report (April 2014),
  8. 8.
    Electronics Freedom and Tech. Historical cost of computer memory and storage. (February 2013),
  9. 9.
    Gligoroski, D., Mihajloska, H., Jacobsen, H.: Should MAC’s retain hash properties when the key is known in the next AEAD? Presentation at DIAC 2013 (2013),
  10. 10.
    Gligoroski, D., Mihajloska, H., Samardjiska, S., Jacobsen, H., El-Hadedy, M., Jensen, R.E.: π-cipher v1. Cryptographic competitions: CAESAR (2014),
  11. 11.
    Gligoroski, D., Ødegård, R.S., Mihova, M., Knapskog, S.J., Kocarev, L., Drápal, A., Klima, V.: Cryptographic hash function EDON-\(\mathcal{R}'\). In: 1st International Workshop on Security and Communication Networks, Trondheim, Norway, pp. 85–95. IEEE (May 2009)Google Scholar
  12. 12.
    Gueron, S.: Intel’s new AES instructions for enhanced performance and security. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 51–66. Springer, Heidelberg (2009)Google Scholar
  13. 13.
    IDEMA. The advent of advanced format. (2013),
  14. 14.
    Jutla, C.S.: Encryption modes with almost free message integrity. Cryptology ePrint Archive, Report 2000/039 (2000),
  15. 15.
    Jutla, C.S.: Encryption modes with almost free message integrity. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 529–544. Springer, Heidelberg (2001)Google Scholar
  16. 16.
    Leurent, G.: Tag Second-preimage Attack against π-cipher (March 2014)Google Scholar
  17. 17.
    Wagner, D., Bellare, M., Rogaway, P.: A conventional authenticated-encryption mode. NIST Modes Operation Symmetric Key Block Ciphers (2003),
  18. 18.
    McGrew, D.A., Viega, J.: The galois/counter mode of operation (gcm). NIST Modes Operation Symmetric Key Block Ciphers (2005),
  19. 19.
    Morawiecki, P., Pieprzyk, J.: Parallel authenticated encryption with the duplex construction. Cryptology ePrint Archive, Report 2013/658 (2013),
  20. 20.
    Mytkowicz, T., Diwan, A., Hauswirth, M., Sweeney, P.F.: Producing wrong data without doing anything obviously wrong! In: Proceedings of the 14th International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS XIV, pp. 265–276. ACM, New York (2009)Google Scholar
  21. 21.
    National Institute of Standards and Technology (NIST). Modes development. Computer Security Resource Center (2000),
  22. 22.
    Rogaway, P., Bellare, M., Black, J., Krovetz, T.: Ocb: a block-cipher mode of operation for efficient authenticated encryption. In: Reiter, M.K., Samarati, P. (eds.) ACM Conference on Computer and Communications Security, pp. 196–205. ACM (2001)Google Scholar
  23. 23.
    Wagner, D.: A generalized birthday problem. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 288–303. Springer, Heidelberg (2002)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  1. 1.ITEMNTNUTrondheimNorway
  2. 2.FCSE, ”Ss Cyril and Methodius” UniversitySkopjeRepublic of Macedonia
  3. 3.IDINTNUTrondheimNorway
  4. 4.Supported by the COINS ResearchSchool of Computer and Information SecurityTrondheimNorway

Personalised recommendations