$\mathsf{sMGM}$: parameterizable AEAD mode
Matematičeskie voprosy kriptografii, Vol. 14 (2023) no. 2, pp. 7-24. This article was harvested from the source Math-Net.Ru.

The paper introduces a new AEAD mode called $\mathsf{sMGM}$ (strong Multilinear Galois Mode). The proposed construction can be treated as an extension of the Russian standardized $\mathsf{MGM}$ mode and of its modification, the $\mathsf{MGM2}$ mode presented at the CTCrypt'21 conference. The distinctive feature of the new mode is an interface that lets the caller choose the specific security properties required for a given application: the mode has additional parameters that switch misuse-resistance and re-keying mechanisms on or off. The $\mathsf{sMGM}$ mode consists of two main «building blocks»: a CTR-style gamma generation function with built-in re-keying, and the multilinear function that lies at the core of the original $\mathsf{MGM}$ mode. Different ways of combining these two functions yield different sets of security properties. This approach to constructing a parameterizable AEAD mode keeps the code size small, which can be crucial for constrained devices. We provide security bounds for the proposed mode. We focus on proving misuse-resistance of the $\mathsf{sMGM}$ mode, since the standard security properties were already analyzed during the development of the original $\mathsf{MGM}$ and $\mathsf{MGM2}$ modes.
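The abstract names two building blocks, a CTR-style gamma generator and the multilinear function at the core of MGM, plus a switch that turns misuse-resistance on or off. The Python below is an added illustration of those two blocks and of what the switch buys; it is not the sMGM specification and not the authors' code. Its assumptions: the block cipher $E_K$ is replaced by a keyed SHA-256 stand-in so the example runs with the standard library only; the nonce is 8 bytes and is followed by an 8-byte counter; one domain byte separates the gamma, the $H_i$ coefficient and the final tag derivations; and the misuse-resistant variant is an SIV-style composition (tag computed over the plaintext, then used as the gamma nonce), which is the classic way to get misuse-resistance and is chosen here for illustration, not taken from the paper. Field multiplication is in $\mathrm{GF}(2^{128})$ modulo $x^{128}+x^7+x^2+x+1$, the polynomial used by MGM and GCM.

```python
import hashlib
import hmac

BLOCK = 16
# GF(2^128) modulo x^128 + x^7 + x^2 + x + 1 (the polynomial used by MGM and GCM)
POLY = (1 << 128) | (1 << 7) | (1 << 2) | (1 << 1) | 1


def gf128_mul(a: int, b: int) -> int:
    """Multiply two field elements given as 128-bit integers (schoolbook, for clarity)."""
    res = 0
    for _ in range(128):
        if b & 1:
            res ^= a
        b >>= 1
        a <<= 1
        if a >> 128:
            a ^= POLY
    return res


def prf(key: bytes, domain: int, data: bytes) -> bytes:
    """Stand-in for the block cipher E_K (assumption: keyed SHA-256 truncated to one block).
    The domain byte separates the gamma, the H-coefficient and the final tag derivations."""
    return hashlib.sha256(key + bytes([domain]) + data).digest()[:BLOCK]


def gamma(key: bytes, nonce: bytes, nblocks: int) -> bytes:
    """CTR-style gamma: keystream block i is E_K(nonce || i)."""
    return b"".join(prf(key, 0, nonce + i.to_bytes(8, "big")) for i in range(nblocks))


def xor_gamma(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt by XORing data with the gamma derived from nonce."""
    ks = gamma(key, nonce, (len(data) + BLOCK - 1) // BLOCK)
    return bytes(x ^ y for x, y in zip(data, ks))


def _blocks(data: bytes) -> list:
    return [data[i:i + BLOCK].ljust(BLOCK, b"\0") for i in range(0, len(data), BLOCK)]


def multilinear_tag(key: bytes, nonce: bytes, aad: bytes, text: bytes) -> bytes:
    """Multilinear function: XOR-sum over i of H_i * X_i in GF(2^128), with H_i = E_K(nonce || i)
    and X = padded AAD blocks || padded text blocks || (bitlen(aad), bitlen(text)).
    The sum is passed through E_K once more to form the tag."""
    xs = _blocks(aad) + _blocks(text)
    xs.append((8 * len(aad)).to_bytes(8, "big") + (8 * len(text)).to_bytes(8, "big"))
    acc = 0
    for i, x in enumerate(xs, start=1):
        h = int.from_bytes(prf(key, 1, nonce + i.to_bytes(8, "big")), "big")
        acc ^= gf128_mul(h, int.from_bytes(x, "big"))
    return prf(key, 2, acc.to_bytes(BLOCK, "big"))


def encrypt(key: bytes, nonce: bytes, aad: bytes, pt: bytes, misuse_resistant: bool = False):
    """Return (ciphertext, tag). The flag selects how the two building blocks are wired."""
    if not misuse_resistant:
        # Nonce-based wiring: gamma from the nonce, tag over AAD and ciphertext.
        ct = xor_gamma(key, nonce, pt)
        return ct, multilinear_tag(key, nonce, aad, ct)
    # SIV-style wiring (assumption, not the paper's construction): tag over AAD and plaintext
    # first, then that tag drives the gamma, so the keystream depends on the message itself.
    tag = multilinear_tag(key, nonce, aad, pt)
    return xor_gamma(key, tag, pt), tag


def decrypt(key: bytes, nonce: bytes, aad: bytes, ct: bytes, tag: bytes,
            misuse_resistant: bool = False):
    """Return the plaintext, or None on a tag mismatch; plaintext is never released unverified."""
    if not misuse_resistant:
        if not hmac.compare_digest(tag, multilinear_tag(key, nonce, aad, ct)):
            return None
        return xor_gamma(key, nonce, ct)
    pt = xor_gamma(key, tag, ct)
    if not hmac.compare_digest(tag, multilinear_tag(key, nonce, aad, pt)):
        return None
    return pt


def nonce_reuse_leaks_xor(key: bytes, nonce: bytes, p1: bytes, p2: bytes,
                          misuse_resistant: bool) -> bool:
    """True if encrypting p1 and p2 under one nonce gives C1 xor C2 == P1 xor P2,
    i.e. the same gamma was applied to both messages."""
    c1, _ = encrypt(key, nonce, b"", p1, misuse_resistant)
    c2, _ = encrypt(key, nonce, b"", p2, misuse_resistant)
    n = min(len(p1), len(p2))
    cx = bytes(a ^ b for a, b in zip(c1[:n], c2[:n]))
    px = bytes(a ^ b for a, b in zip(p1[:n], p2[:n]))
    return cx == px


if __name__ == "__main__":
    key, nonce = b"\x11" * 32, b"\x22" * 8            # constructed sample key and nonce
    p1, p2 = b"attack at dawn!!", b"retreat at dusk!"  # constructed sample messages
    print("nonce-based wiring leaks P1^P2:", nonce_reuse_leaks_xor(key, nonce, p1, p2, False))
    print("SIV-style wiring leaks P1^P2:  ", nonce_reuse_leaks_xor(key, nonce, p1, p2, True))
```

With the nonce-based wiring, two messages encrypted under one nonce share the gamma, so the XOR of the ciphertexts equals the XOR of the plaintexts; with the SIV-style wiring the gamma depends on the message through the tag, and a repeated nonce reveals only whether two messages were identical. Note that in the SIV-style branch `decrypt` has to compute the candidate plaintext first, so it must recompute and compare the tag before returning it rather than releasing unverified plaintext.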
@article{MVK_2023_14_2_a0,
     author = {L. R. Akhmetzyanova and E. K. Alekseev and A. A. Babueva and A. A. Bozhko and S. V. Smyshlyaev},
     title = {$\mathsf{sMGM}$: parameterizable {AEAD} mode},
     journal = {Matemati\v{c}eskie voprosy kriptografii},
     pages = {7--24},
     year = {2023},
     volume = {14},
     number = {2},
     language = {en},
     url = {http://geodesic.mathdoc.fr/item/MVK_2023_14_2_a0/}
}