[Resource Topic] 2023/1673: Designing Full-Rate Sponge based AEAD modes

Welcome to the resource topic for 2023/1673

Title:
Designing Full-Rate Sponge based AEAD modes

Authors: Bishwajit Chakraborty, Nilanjan Datta, Mridul Nandi

Abstract:

Sponge based constructions have gained significant popularity for designing lightweight authenticated encryption modes. Most of the authenticated ciphers following the Sponge paradigm can be viewed as variations of the Transform-then-permute construction. It is known that a construction following the Transform-then-permute paradigm provides security against any adversary having data complexity $D$ and time complexity $T$ as long as $DT \ll 2^{b-r}$. Here, $b$ represents the size of the underlying permutation, while $r$ pertains to the rate at which the message is injected. The above result demonstrates that an increase in the rate leads to a degradation in the security of the constructions, with no security guaranteed to constructions operating at the full rate, where $r=b$. This present study delves into the exploration of whether adding some auxiliary states could potentially improve the security of the Transform-then-permute construction.

Our investigation yields an affirmative response, demonstrating that a special class of full rate Transform-then-permute with additional states, dubbed frTtP+, can indeed attain security when operated under a suitable feedback function and properly initialized additional state. To be precise, we prove that frTtP+ provides security as long as $D \ll 2^{s/2}$ and $T \ll 2^{s}$, where $s$ denotes the size of the auxiliary state in terms of bits. To demonstrate the applicability of this result, we show that the construction Orange-Zest$_{mod}$ belongs to this class, thereby obtaining the desired security. In addition, we propose a family of full-rate Transform-then-permute construction with a Beetle-like feedback function, dubbed fr-Beetle, which also achieves the same level of security.

ePrint: https://eprint.iacr.org/2023/1673

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.