Beyond full‐bit secure authenticated encryption without input‐length limitation
Abstract The security bound is an important evaluation criterion in an authenticated encryption (AE) scheme. Many AE schemes that are widely used have birthday‐bound security, which means that the scheme has b/2‐bit security, where b is the block size of the underlying primitive. However, due to the...
Saved in:
| Main Author: | |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Wiley
2022-07-01
|
| Series: | IET Information Security |
| Subjects: | |
| Online Access: | https://doi.org/10.1049/ise2.12056 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832558674695946240 |
|---|---|
| author | Akiko Inoue |
| author_facet | Akiko Inoue |
| author_sort | Akiko Inoue |
| collection | DOAJ |
| description | Abstract The security bound is an important evaluation criterion in an authenticated encryption (AE) scheme. Many AE schemes that are widely used have birthday‐bound security, which means that the scheme has b/2‐bit security, where b is the block size of the underlying primitive. However, due to the increased interest in lightweight cryptography, smaller block‐size primitives have been developed, which has led to more active research on AE schemes with beyond birthday‐bound security. Although all such AE schemes are secure up to a full‐bit (i.e. b‐bit) bound at most, Naito et al. proposed the first beyond full‐bit‐bound secure AE schemes, PFB_Plus and PFBω, at Eurocrypt 2020. PFB_Plus and PFBω achieve 2b‐bit security and ωb‐bit security, respectively, where ω is a parameter s.t. ω∈N. In this work, the author points out a downside of PFBω that was not clearly specified in its proposal paper and resolves it with the proposed scheme, exPFBω. The downside of PFBω is that there is a limitation on each input size; it can process only up to 2b − 2 blocks for each input in spite of its high security bound. The author's scheme, exPFBω, is the first AE to achieve ωb‐bit security and has no limitation on each input size for ω ≥ 3. |
| format | Article |
| id | doaj-art-a108d543845b433686f2c4f53c3e05f9 |
| institution | Kabale University |
| issn | 1751-8709 1751-8717 |
| language | English |
| publishDate | 2022-07-01 |
| publisher | Wiley |
| record_format | Article |
| series | IET Information Security |
| spelling | doaj-art-a108d543845b433686f2c4f53c3e05f92025-02-03T01:31:54ZengWileyIET Information Security1751-87091751-87172022-07-0116425326110.1049/ise2.12056Beyond full‐bit secure authenticated encryption without input‐length limitationAkiko Inoue0Central Laboratory NEC Corporation Kawasaki JapanAbstract The security bound is an important evaluation criterion in an authenticated encryption (AE) scheme. Many AE schemes that are widely used have birthday‐bound security, which means that the scheme has b/2‐bit security, where b is the block size of the underlying primitive. However, due to the increased interest in lightweight cryptography, smaller block‐size primitives have been developed, which has led to more active research on AE schemes with beyond birthday‐bound security. Although all such AE schemes are secure up to a full‐bit (i.e. b‐bit) bound at most, Naito et al. proposed the first beyond full‐bit‐bound secure AE schemes, PFB_Plus and PFBω, at Eurocrypt 2020. PFB_Plus and PFBω achieve 2b‐bit security and ωb‐bit security, respectively, where ω is a parameter s.t. ω∈N. In this work, the author points out a downside of PFBω that was not clearly specified in its proposal paper and resolves it with the proposed scheme, exPFBω. The downside of PFBω is that there is a limitation on each input size; it can process only up to 2b − 2 blocks for each input in spite of its high security bound. The author's scheme, exPFBω, is the first AE to achieve ωb‐bit security and has no limitation on each input size for ω ≥ 3.https://doi.org/10.1049/ise2.12056authenticated encryptionbeyond birthday‐bound securitybeyond full‐bit‐bound securitysymmetric key cryptography |
| spellingShingle | Akiko Inoue Beyond full‐bit secure authenticated encryption without input‐length limitation IET Information Security authenticated encryption beyond birthday‐bound security beyond full‐bit‐bound security symmetric key cryptography |
| title | Beyond full‐bit secure authenticated encryption without input‐length limitation |
| title_full | Beyond full‐bit secure authenticated encryption without input‐length limitation |
| title_fullStr | Beyond full‐bit secure authenticated encryption without input‐length limitation |
| title_full_unstemmed | Beyond full‐bit secure authenticated encryption without input‐length limitation |
| title_short | Beyond full‐bit secure authenticated encryption without input‐length limitation |
| title_sort | beyond full bit secure authenticated encryption without input length limitation |
| topic | authenticated encryption beyond birthday‐bound security beyond full‐bit‐bound security symmetric key cryptography |
| url | https://doi.org/10.1049/ise2.12056 |
| work_keys_str_mv | AT akikoinoue beyondfullbitsecureauthenticatedencryptionwithoutinputlengthlimitation |