Abstract
In this paper, we present two new provable nonce-misuse-resistant AEAD modes based on tweakable block ciphers and universal hash functions. These new modes target equipping high-speed applications with nonce-misuse-resistant AEAD (MRAE). The first mode, Low Latency Synthetic IV (LLSIV), targets similar performance on single-core platforms to SCT-2, while eliminating the bottlenecks that make SCT-2 not fully parallelizable. The enhanced parallelism allows LLSIV to encrypt significantly more blocks on parallel platforms, compared to SCT-2, in the same amount of time. It is based on the NaT MAC. The second mode is Low Latency Decryption-Fast SIV (LLDFV), which offers rate-1 decryption alongside parallelizable low-latency encryption. It is faster than decryption-fast SIV (DFV) on all platforms. We also propose LLSIV with a reduced-round TBC in an ad hoc mode of operation that we label as pruned LLSIV (pLLSIV). This leads to a significant performance improvement, making pLLSIV even faster than online TBC-based schemes that are not MRAE-secure. We evaluate the performance of LLSIV and pLLSIV using a pipelined FPGA architecture.
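The abstract's central property, nonce-misuse resistance (MRAE) in a synthetic-IV design, is easier to see with a small runnable illustration. The following is an added example, not code from the paper or from the LLSIV/LLDFV constructions: it builds a generic SIV-style AEAD in which HMAC-SHA256 stands in for the tweakable block cipher and universal hash the paper uses, and compares it with a plain counter-mode scheme when the same nonce is reused. The key, nonce and messages are constructed demo values.

```python
# Added illustration of SIV-style nonce-misuse resistance. This is a generic
# synthetic-IV construction, NOT the paper's LLSIV or LLDFV modes; HMAC-SHA256
# stands in for the TBC/universal-hash primitives so it runs with the
# standard library only. Key, nonce and messages below are constructed.
import hmac
import hashlib

IV_LEN = 16  # synthetic IV / tag length in bytes (assumption for this toy)


def _prf(key: bytes, label: bytes, data: bytes) -> bytes:
    """Keyed PRF; HMAC-SHA256 stands in for the TBC-based primitives."""
    return hmac.new(key, label + data, hashlib.sha256).digest()


def _encode(nonce: bytes, ad: bytes, msg: bytes) -> bytes:
    """Unambiguous length-prefixed encoding of the MAC input fields."""
    out = b""
    for field in (nonce, ad, msg):
        out += len(field).to_bytes(4, "big") + field
    return out


def _keystream(key: bytes, iv: bytes, length: int) -> bytes:
    """Counter-mode keystream derived from the IV (the encryption pass)."""
    out = b""
    ctr = 0
    while len(out) < length:
        out += _prf(key, b"ks", iv + ctr.to_bytes(4, "big"))
        ctr += 1
    return out[:length]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def siv_encrypt(key: bytes, nonce: bytes, ad: bytes, msg: bytes) -> bytes:
    """SIV encryption: IV = MAC(nonce, AD, msg); ciphertext = msg XOR KS(IV).

    The IV depends on the whole message, so reusing a nonce with a different
    message yields a different IV and therefore a different keystream."""
    k_mac, k_enc = _prf(key, b"mac", b""), _prf(key, b"enc", b"")
    iv = _prf(k_mac, b"siv", _encode(nonce, ad, msg))[:IV_LEN]
    return iv + _xor(msg, _keystream(k_enc, iv, len(msg)))


def siv_decrypt(key: bytes, nonce: bytes, ad: bytes, blob: bytes):
    """Decrypt, then recompute the IV over the recovered plaintext.

    Returns the plaintext, or None if the recomputed IV does not match
    (tampered ciphertext, wrong nonce or wrong associated data)."""
    if len(blob) < IV_LEN:
        return None
    k_mac, k_enc = _prf(key, b"mac", b""), _prf(key, b"enc", b"")
    iv, ct = blob[:IV_LEN], blob[IV_LEN:]
    msg = _xor(ct, _keystream(k_enc, iv, len(ct)))
    expected = _prf(k_mac, b"siv", _encode(nonce, ad, msg))[:IV_LEN]
    if not hmac.compare_digest(expected, iv):
        return None
    return msg


def ctr_encrypt_naive(key: bytes, nonce: bytes, msg: bytes) -> bytes:
    """Plain counter-mode encryption keyed directly by the nonce (no MAC);
    the comparison case that is NOT misuse-resistant."""
    return _xor(msg, _keystream(key, nonce, len(msg)))


def nonce_reuse_comparison(key: bytes, nonce: bytes, m1: bytes, m2: bytes):
    """Encrypt two equal-length messages under the SAME nonce with each scheme.

    Returns (ctr_leaks_xor, siv_leaks_xor): True when XOR of the two
    ciphertexts equals XOR of the two plaintexts, i.e. the keystream was
    reused and the scheme leaks the plaintext relationship."""
    c1, c2 = ctr_encrypt_naive(key, nonce, m1), ctr_encrypt_naive(key, nonce, m2)
    s1, s2 = siv_encrypt(key, nonce, b"", m1), siv_encrypt(key, nonce, b"", m2)
    ctr_leaks = _xor(c1, c2) == _xor(m1, m2)
    siv_leaks = _xor(s1[IV_LEN:], s2[IV_LEN:]) == _xor(m1, m2)
    return ctr_leaks, siv_leaks


if __name__ == "__main__":
    key = bytes(range(32))  # constructed demo key, never use a fixed key
    nonce = b"\x00" * 12    # deliberately reused nonce for the comparison
    print(nonce_reuse_comparison(key, nonce, b"attack at dawn!!", b"retreat at dusk!"))
```

With a reused nonce, the naive counter-mode pair reports `True` (ciphertext XOR equals plaintext XOR), while the SIV pair reports `False`; the only thing an SIV scheme reveals under nonce reuse is whether two (nonce, AD, message) triples are identical, which is exactly the MRAE guarantee the abstract refers to. The paper's modes obtain the same property with far lower latency by using a parallelizable TBC-based MAC and encryption pass rather than serial HMAC calls.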
Original language | English |
---|---|
Title of host publication | Selected Areas of Cryptography 2024 |
Status | Accepted/In press - 2024 |
Event | Selected Areas in Cryptography 2024 - Montreal, Canada. Duration: 26 Aug 2024 → 30 Aug 2024 |
Conference
Conference | Selected Areas in Cryptography 2024 |
---|---|
Country/Territory | Canada |
City | Montreal |
Period | 2024/08/26 → 2024/08/30 |
Subject classification (UKÄ)
- Computer Engineering