Design and Analysis of Next Generation Authenticated Encryption Algorithms
Disciplines
Computer Sciences (60%); Mathematics (40%)
Keywords
Cryptography, Authenticated Encryption, Cryptanalysis, Symmetric cryptography, CAESAR initiative
Authenticated encryption is an important part of information security. Whenever two parties communicate over a network, an authenticated encryption algorithm should be used to provide both privacy and authentication of the data. In most applications, there is not much value in keeping the data secret if it is not authenticated. Authenticated encryption provides a single solution that offers both confidential and authenticated communication. Example applications that rely on authenticated encryption include SSL/TLS, hard disk encryption and SSH. These are widely used to provide secure and authenticated storage of data or communication over the Internet. Unfortunately, providing both confidentiality and authenticity of information is not a trivial task. Many authenticated encryption schemes have been broken or used wrongly, which has resulted in security flaws in the overlying application. While ciphers and hash functions have received a great deal of attention from the cryptographic community due to such high-profile competitions as NIST's AES and SHA-3 competitions, as well as ECRYPT's eSTREAM project, authenticated encryption schemes and message authentication codes have been arguably less popular among researchers. This project will contribute to the state-of-the-art research in the design and analysis of authenticated encryption algorithms. This effort is shared with the cryptographic community, which started the CAESAR competition to find better next-generation authenticated encryption schemes. The first goal of the project is to analyze already established authenticated encryption schemes (e.g. AES-GCM, AES-CCM) to get a good view of their security margin. This will result in better and more adequate requirements for the design principles of authenticated ciphers. The second goal is to design our own authenticated encryption algorithm for submission to the CAESAR competition.
The third goal of the project is to extend the research to the authenticated encryption algorithms of the upcoming competition. Given the novelty of most of these new designs, extensive external cryptanalysis will be needed to achieve a clear understanding of their security margin and to gain new insights into these designs. Clearly, they should not be used in applications until there has been sufficient independent analysis. With enough cryptanalysis, a portfolio of next-generation authenticated encryption algorithms should be ready for use by the public at the end of the CAESAR project.
Authenticated encryption is an essential part of information security. Whenever two parties communicate over a network, an authenticated encryption algorithm should be used to provide both privacy and authentication of the data. In most applications, there is not much value in keeping the data secret if it is not authenticated. Authenticated encryption provides a single solution that offers both confidential and authenticated communication. Example applications that rely on authenticated encryption include SSL/TLS, hard disk encryption and SSH. These are widely used to provide secure and authenticated storage of data or communication over the Internet. Unfortunately, providing both confidentiality and authenticity of information is not a trivial task. Many authenticated encryption schemes have been broken or misused, which has resulted in security flaws in the overlying application. While ciphers and hash functions have received a great deal of attention from the cryptographic community due to such high-profile competitions as NIST's AES and SHA-3 competitions, as well as ECRYPT's eSTREAM project, authenticated encryption schemes and message authentication codes have been arguably less popular among researchers. This project contributed to the state-of-the-art research in the design and analysis of authenticated encryption algorithms. This effort was shared with the cryptographic community and was closely linked to the CAESAR competition to identify more efficient and robust authenticated encryption schemes that will remain secure for the next decades. In particular, the project helped to ensure that the algorithms selected for the final portfolio of CAESAR have been thoroughly investigated before being used in practice. Furthermore, our submission ASCON was recently selected as one of the 7 finalists of CAESAR and thus might, if selected for the final portfolio, be implemented in many cryptographic applications in the future.
- Technische Universität Graz - 100%
Research Output
- 1112 Citations
- 47 Publications
- 2016. Grassi L. Practical Low Data-Complexity Subspace-Trail Cryptanalysis of Round-Reduced PRINCE. Book chapter, Springer Nature, pp. 322-342. DOI: 10.1007/978-3-319-49890-4_18
- 2016. Bagheri N. Cryptanalysis of Reduced NORX. Book chapter, Springer Nature, pp. 554-574. DOI: 10.1007/978-3-662-52993-5_28
- 2016. Dobraunig C. Forgery Attacks on Round-Reduced ICEPOLE-128. Book chapter, Springer Nature, pp. 479-492. DOI: 10.1007/978-3-319-31301-6_27
- 2016. Grassi L. Subspace Trail Cryptanalysis and its Applications to AES. Journal article, IACR Transactions on Symmetric Cryptology, pp. 192-225. DOI: 10.13154/tosc.v2016.i2.192-225
- 2016. Dobraunig C. Practical Key-Recovery Attack on MANTIS5. Journal article, IACR Transactions on Symmetric Cryptology, pp. 248-260. DOI: 10.13154/tosc.v2016.i2.248-260
- 2016. Dobraunig C. Towards Fresh and Hybrid Re-Keying Schemes with Beyond Birthday Security. Book chapter, Springer Nature, pp. 225-241. DOI: 10.1007/978-3-319-31271-2_14
- 2017. Dobraunig C. ISAP – Towards Side-Channel Secure Authenticated Encryption. Journal article, IACR Transactions on Symmetric Cryptology, pp. 80-105. DOI: 10.13154/tosc.v2017.i1.80-105
- 2017. Ankele R. Related-Key Impossible-Differential Attack on Reduced-Round Skinny. Book chapter, Springer Nature, pp. 208-228. DOI: 10.1007/978-3-319-61204-1_11
- 2017. Grassi L. A New Structural-Differential Property of 5-Round AES. Book chapter, Springer Nature, pp. 289-317. DOI: 10.1007/978-3-319-56614-6_10
- 2017. Gross H. Ascon hardware implementations and side-channel evaluation. Journal article, Microprocessors and Microsystems, pp. 470-479. DOI: 10.1016/j.micpro.2016.10.006
- 2017. Dobraunig C. Side-Channel Analysis of Keymill. Book chapter, Springer Nature, pp. 138-152. DOI: 10.1007/978-3-319-64647-3_9
- 2018. Gross H. A unified masking approach. Journal article, Journal of Cryptographic Engineering, pp. 109-124. DOI: 10.1007/s13389-018-0184-y
- 2018. Dobraunig C. Rasta: A Cipher with Low ANDdepth and Few ANDs per Bit. Book chapter, Springer Nature, pp. 662-692. DOI: 10.1007/978-3-319-96884-1_22
- 2017. Dobraunig C. Cryptanalysis of Simpira v1. Book chapter, Springer Nature, pp. 284-298. DOI: 10.1007/978-3-319-69453-5_16
- 2017. Gross H. Reconciling Masking in Hardware and Software. Book chapter, Springer Nature, pp. 115-136. DOI: 10.1007/978-3-319-66787-4_6
- 2017. Bernstein D. Gimli: A Cross-Platform Permutation. Book chapter, Springer Nature, pp. 299-320. DOI: 10.1007/978-3-319-66787-4_15
- 2017. Liu F. Collisions and Semi-Free-Start Collisions for Round-Reduced RIPEMD-160. Book chapter, Springer Nature, pp. 158-186. DOI: 10.1007/978-3-319-70694-8_6
- 2017. Gross H. Higher-Order Side-Channel Protected Implementations of Keccak. Conference proceeding abstract, pp. 205-212. DOI: 10.1109/dsd.2017.21
- 2016. Dobraunig C. Practical Key-Recovery Attack on MANTIS5. Journal article.
- 2021. Dobraunig C. Ascon v1.2: Lightweight Authenticated Encryption and Hashing. Journal article, Journal of Cryptology, article 33. DOI: 10.1007/s00145-021-09398-9
- n.d. Dobraunig C. Submission to CAESAR. Other.
- n.d. Grassi L. Mixture Differential Cryptanalysis: New Approaches for Distinguishers and Attacks on round-reduced AES. Other.
- n.d. Eichlseder M. Clustering Related-Tweak Characteristics: Application to MANTIS-6. Other.
- n.d. Dobraunig C. Rasta: A cipher with low ANDdepth and few ANDs per bit. Other.
- 2016. Grassi L. Subspace Trail Cryptanalysis and its Applications to AES. Journal article.
- 2016. Albrecht M. MiMC: Efficient Encryption and Cryptographic Hashing with Minimal Multiplicative Complexity. Book chapter, Springer Nature, pp. 191-219. DOI: 10.1007/978-3-662-53887-6_7
- 2016. Dobraunig C. Statistical Fault Attacks on Nonce-Based Authenticated Encryption Schemes. Book chapter, Springer Nature, pp. 369-395. DOI: 10.1007/978-3-662-53887-6_14
- 2016. Grassi L. MPC-Friendly Symmetric Key Primitives. Conference proceeding abstract, pp. 430-443. DOI: 10.1145/2976749.2978332
- 2016. Dobraunig C. Square Attack on 7-Round Kiasu-BC. Book chapter, Springer Nature, pp. 500-517. DOI: 10.1007/978-3-319-39555-5_27
- 2016. Dobraunig C. Analysis of the Kupyna-256 Hash Function. Book chapter, Springer Nature, pp. 575-590. DOI: 10.1007/978-3-662-52993-5_29
- 2016. Bagheri N. Improved Rebound Attacks on AESQ: Core Permutation of CAESAR Candidate PAEQ. Book chapter, Springer Nature, pp. 301-316. DOI: 10.1007/978-3-319-40367-0_19
- 2016. Dobraunig C. Higher-Order Cryptanalysis of LowMC. Book chapter, Springer Nature, pp. 87-101. DOI: 10.1007/978-3-319-30840-1_6
- 2018. Bloem R. Formal Verification of Masked Hardware Implementations in the Presence of Glitches. Book chapter, Springer Nature, pp. 321-353. DOI: 10.1007/978-3-319-78375-8_11
- 2015. Dobraunig C. Cryptanalysis of Ascon. Book chapter, Springer Nature, pp. 371-387. DOI: 10.1007/978-3-319-16715-2_20
- 2015. Ehrenhöfer C et al. Suit Up! Made-to-Measure Hardware Implementations of Ascon. Conference proceeding abstract, Digital System Design (DSD 2015).
- 2015. Bogdanov A. Key Recovery Attacks on Recent Authenticated Ciphers. Book chapter, Springer Nature, pp. 274-287. DOI: 10.1007/978-3-319-16295-9_15
- 2014. Schilling R. A Low-Area ASIC Implementation of AEGIS-128 — A Fast Authenticated Encryption Algorithm. Conference proceeding abstract, pp. 1-5. DOI: 10.1109/austrochip.2014.6946315
- 2015. Groß H. Suit Up! Made-to-Measure Hardware Implementations of Ascon. Conference proceeding abstract, pp. 645-652. DOI: 10.1109/dsd.2015.14
- 2015. Dobraunig C. Heuristic Tool for Linear Cryptanalysis with Applications to CAESAR Candidates. Book chapter, Springer Nature, pp. 490-509. DOI: 10.1007/978-3-662-48800-3_20
- 2015. Dobraunig C. On the Security of Fresh Re-keying to Counteract Side-Channel and Fault Attacks. Book chapter, Springer Nature, pp. 233-244. DOI: 10.1007/978-3-319-16763-3_14
- 2015. Dobraunig C. Related-Key Forgeries for Prøst-OTR. Book chapter, Springer Nature, pp. 282-296. DOI: 10.1007/978-3-662-48116-5_14
- 2015. Bertoni G. Simulations of Optical Emissions for Attacking AES and Masked AES. Book chapter, Springer Nature, pp. 172-189. DOI: 10.1007/978-3-319-24126-5_11
- 2017. Dobraunig C. ISAP – Towards Side-Channel Secure Authenticated Encryption. Journal article.
- n.d. Dobraunig C. Exploiting Ineffective Fault Inductions on Symmetric Cryptography. Other.
- n.d. Kales D. Note on the Robustness of CAESAR Candidates. Other.
- n.d. Bloem R et al. Generic Low-Latency Masking. Other.
- n.d. Grassi L. New and Old Limits for AES Known-Key Distinguishers. Other.