On the security of authenticated encryption mode with associated data MGM with respect to confidentiality threat
Matematičeskie voprosy kriptografii, Vol. 14 (2023), no. 3, pp. 49–73. This article was harvested from the Math-Net.Ru source.


The authenticated encryption with associated data (AEAD) mode MGM was first presented at the CTCrypt'2017 conference and subsequently standardized in the Russian standardization document R 1323565.1.026-2019 and in RFC 9058 of the IETF. The mode is intended to protect transmitted data in the TLS 1.3 and IPsec protocols with GOST algorithms. In this paper the security of MGM is estimated, in the standard security model used for confidentiality analysis, using the complexity-theoretic (provable security) approach: lower bounds on the security of the mode (equivalently, upper bounds on the adversary's advantage) are obtained assuming that the underlying block cipher is secure in the PRP-CPA (pseudorandom permutation under chosen plaintext attack) model. The obtained bounds show that MGM provides an acceptable security level for a wide range of practically important parameters.
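To make concrete what mode the bounds above are about, here is an added reference-style implementation of MGM over the 64-bit Magma block cipher (n = 64), written for this page; it is not code from the paper, from RFC 9058 or from the standards. The Magma core is checked against the test vector in GOST R 34.12-2015. The MGM layout (a counter chain Y_i started from E_K(0||nonce) and stepped in the right half, a multilinear tag keyed by H_i = E_K(Z_i) with Z_1 = E_K(1||nonce) stepped in the left half, and a final length block) follows my reading of RFC 9058 with the natural integer-to-polynomial mapping for GF(2^64); it is checked here only for round trip and tamper detection, not against the RFC's own test vectors, so treat it as an illustration of the structure rather than a validated implementation. The key is the GOST test-vector key, the nonce and messages are constructed sample input, and the full 64-bit tag (S = n) is used. The last function shows the caveat every nonce-based AEAD analysis in the sense of Rogaway [3] carries: the confidentiality bound is for an adversary that never repeats a nonce, and a repeated nonce leaks the XOR of the two plaintexts whatever the bound says.

```python
"""MGM (RFC 9058) over Magma (GOST R 34.12-2015), n = 64.
Added illustration for this page; not code from the paper or the standards.
Magma is checked against the GOST test vector; the MGM layout follows my
reading of RFC 9058 and is checked only for consistency, not RFC vectors."""
import hmac
import struct

MASK32, MASK64 = 0xFFFFFFFF, 0xFFFFFFFFFFFFFFFF

# Magma S-box set id-tc26-gost-28147-param-Z; row i is applied to nibble i (counted from the LSB)
_PI = (
    (12, 4, 6, 2, 10, 5, 11, 9, 14, 8, 13, 7, 0, 3, 15, 1),
    (6, 8, 2, 3, 9, 10, 5, 12, 1, 14, 4, 7, 11, 13, 0, 15),
    (11, 3, 5, 8, 2, 15, 10, 13, 14, 1, 7, 4, 12, 9, 6, 0),
    (12, 8, 2, 1, 13, 4, 15, 6, 7, 0, 10, 5, 3, 14, 9, 11),
    (7, 15, 5, 10, 8, 1, 6, 13, 0, 9, 3, 14, 11, 4, 2, 12),
    (5, 13, 15, 6, 9, 2, 12, 10, 11, 7, 8, 1, 4, 3, 14, 0),
    (8, 14, 2, 5, 6, 9, 1, 12, 15, 4, 11, 0, 13, 10, 3, 7),
    (1, 7, 14, 13, 0, 5, 8, 3, 4, 15, 10, 6, 9, 12, 11, 2),
)


def _t(a):  # nibble-wise substitution t
    return sum(_PI[i][(a >> 4 * i) & 0xF] << 4 * i for i in range(8))


def _g(k, a):  # round function g[k]: add mod 2^32, substitute, rotate left by 11
    x = _t((a + k) & MASK32)
    return ((x << 11) | (x >> 21)) & MASK32


def magma_round_keys(key):
    k = struct.unpack(">8I", key)            # K1..K8, K1 taken from the most significant end
    return list(k) * 3 + list(reversed(k))   # 32 rounds: K1..K8 three times, then K8..K1


def magma_encrypt(rk, block):
    a1, a0 = block >> 32, block & MASK32
    for k in rk[:31]:
        a1, a0 = a0, a1 ^ _g(k, a0)
    return ((a1 ^ _g(rk[31], a0)) << 32) | a0   # last round does not swap halves


def _gf64_mul(a, b):
    """Multiply in GF(2^64) modulo x^64 + x^4 + x^3 + x + 1; bit i of a block is the coefficient of x^i."""
    r = 0
    for _ in range(64):
        if b & 1:
            r ^= a
        b >>= 1
        a, carry = (a << 1) & MASK64, a >> 63
        if carry:
            a ^= 0x1B
    return r


def _incr_r(x):  # increment the right (low) half mod 2^32, left half untouched
    return (x & (MASK32 << 32)) | ((x + 1) & MASK32)


def _incr_l(x):  # increment the left (high) half mod 2^32, right half untouched
    return ((((x >> 32) + 1) & MASK32) << 32) | (x & MASK32)


def _blocks(data):
    return [data[i:i + 8] for i in range(0, len(data), 8)]


def _keystream_xor(E, nonce_int, data):
    # Y_1 = E_K(0||nonce); the nonce's top bit is 0, so the block is the nonce itself
    y, out = E(nonce_int), bytearray()
    for blk in _blocks(data):
        out += bytes(p ^ k for p, k in zip(blk, E(y).to_bytes(8, "big")))  # partial last block: MSB_{|P_q|}
        y = _incr_r(y)
    return bytes(out)


def _tag(E, nonce_int, aad, ct):
    # Z_1 = E_K(1||nonce), H_i = E_K(Z_i); the tag is a multilinear hash of A, C and the lengths
    z, acc = E(nonce_int | 1 << 63), 0
    for blk in _blocks(aad) + _blocks(ct):
        acc ^= _gf64_mul(E(z), int.from_bytes(blk.ljust(8, b"\0"), "big"))  # zero-pad partial blocks
        z = _incr_l(z)
    acc ^= _gf64_mul(E(z), ((len(aad) * 8) << 32) | (len(ct) * 8))  # len(A) || len(C), in bits
    return E(acc).to_bytes(8, "big")  # S = 64: full-length tag


def _setup(key, nonce):
    if len(key) != 32 or len(nonce) != 8 or nonce[0] & 0x80:
        raise ValueError("need a 256-bit key and a 63-bit nonce (top bit clear)")
    rk = magma_round_keys(key)
    return (lambda x: magma_encrypt(rk, x)), int.from_bytes(nonce, "big")


def mgm_encrypt(key, nonce, aad, pt):
    E, n = _setup(key, nonce)
    ct = _keystream_xor(E, n, pt)
    return ct, _tag(E, n, aad, ct)


def mgm_decrypt(key, nonce, aad, ct, tag):
    E, n = _setup(key, nonce)
    if not hmac.compare_digest(_tag(E, n, aad, ct), tag):
        return None  # verify first; never release plaintext on a bad tag
    return _keystream_xor(E, n, ct)


def nonce_reuse_leaks(key, nonce, p1, p2):
    """Same key and nonce twice: the keystream repeats, so C1 xor C2 == P1 xor P2.
    The confidentiality bounds are for nonce-respecting adversaries; this is outside them."""
    c1, _ = mgm_encrypt(key, nonce, b"", p1)
    c2, _ = mgm_encrypt(key, nonce, b"", p2)
    return bytes(a ^ b for a, b in zip(c1, c2)) == bytes(a ^ b for a, b in zip(p1, p2))


# Key from the GOST R 34.12-2015 test vector; nonce and messages below are constructed sample input
TEST_KEY = bytes.fromhex("ffeeddccbbaa99887766554433221100f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff")
SAMPLE_NONCE = bytes.fromhex("1122334455667700")  # 63-bit nonce, top bit clear

if __name__ == "__main__":
    ct, tag = mgm_encrypt(TEST_KEY, SAMPLE_NONCE, b"header", b"seventeen bytes!!")
    print(ct.hex(), tag.hex(), mgm_decrypt(TEST_KEY, SAMPLE_NONCE, b"header", ct, tag))
```

For the 128-bit case used with Kuznyechik, RFC 9058 halves become 64 bits and the field polynomial becomes x^128 + x^7 + x^2 + x + 1 (reduction constant 0x87); the rest of the layout is unchanged.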
@article{MVK_2023_14_3_a3,
     author = {L. R. Akhmetzyanova and E. K. Alekseev and G. A. Karpunin and V. I. Nozdrunov},
     title = {On the security of authenticated encryption mode with associated data {MGM} with respect to confidentiality threat},
     journal = {Matemati\v{c}eskie voprosy kriptografii},
     pages = {49--73},
     year = {2023},
     volume = {14},
     number = {3},
     language = {ru},
     url = {http://geodesic.mathdoc.fr/item/MVK_2023_14_3_a3/}
}
TY  - JOUR
AU  - L. R. Akhmetzyanova
AU  - E. K. Alekseev
AU  - G. A. Karpunin
AU  - V. I. Nozdrunov
TI  - On the security of authenticated encryption mode with associated data MGM with respect to confidentiality threat
JO  - Matematičeskie voprosy kriptografii
PY  - 2023
SP  - 49
EP  - 73
VL  - 14
IS  - 3
UR  - http://geodesic.mathdoc.fr/item/MVK_2023_14_3_a3/
LA  - ru
ID  - MVK_2023_14_3_a3
ER  - 
%0 Journal Article
%A L. R. Akhmetzyanova
%A E. K. Alekseev
%A G. A. Karpunin
%A V. I. Nozdrunov
%T On the security of authenticated encryption mode with associated data MGM with respect to confidentiality threat
%J Matematičeskie voprosy kriptografii
%D 2023
%P 49-73
%V 14
%N 3
%U http://geodesic.mathdoc.fr/item/MVK_2023_14_3_a3/
%G ru
%F MVK_2023_14_3_a3
L. R. Akhmetzyanova; E. K. Alekseev; G. A. Karpunin; V. I. Nozdrunov. On the security of authenticated encryption mode with associated data MGM with respect to confidentiality threat. Matematičeskie voprosy kriptografii, Vol. 14 (2023), no. 3, pp. 49–73. http://geodesic.mathdoc.fr/item/MVK_2023_14_3_a3/

[1] Bellare M., Rogaway P., "Pseudorandom Functions", Introduction to Modern Cryptography, Chapter 4, 2005. https://web.cs.ucdavis.edu/~rogaway/classes/227/spring05/book/main.pdf

[2] Arora S., Barak B., Computational Complexity: A Modern Approach, 1st edition, Cambridge University Press, 2009.

[3] Rogaway P., "Nonce-based symmetric encryption", FSE 2004, Lect. Notes Comput. Sci., 3017, 2004, 348–358.

[4] Chang D., Nandi M., A short proof of the PRP/PRF switching lemma, IACR ePrint Archive, Report 2008/078, 2008. https://eprint.iacr.org/2008/078

[5] GOST cipher suites for Transport Layer Security (TLS) protocol version 1.3, RFC 9367, 2023. https://datatracker.ietf.org/doc/html/rfc9367

[6] Multilinear Galois Mode (MGM), RFC 9058, 2021. https://datatracker.ietf.org/doc/html/rfc9058

[7] Information technology. Cryptographic data security. Block cipher modes of operation implementing authenticated encryption (in Russian), Recommendations for standardization R 1323565.1.026-2019, Standartinform, Moscow, 2019.

[8] Information technology. Cryptographic data security. Use of cryptographic algorithms in the Transport Layer Security protocol (TLS 1.3) (in Russian), Recommendations for standardization R 1323565.1.030-2020, Standartinform, Moscow, 2020.

[9] Information technology. Cryptographic data security. Use of Russian cryptographic algorithms in the ESP security protocol (in Russian), Recommendations for standardization R 1323565.1.035-2021, Standartinform, Moscow, 2021.

[10] Information technology. Cryptographic data security. Block ciphers (in Russian), GOST R 34.12-2015, Standartinform, Moscow, 2018.

[11] Nozdrunov V., "Parallel and double block cipher mode of operation (PD-mode) for authenticated encryption", CTCrypt 2017, Pre-proceedings, Saint Petersburg, Repino, 2017, 36–45.

[12] Rescorla E., The Transport Layer Security (TLS) protocol version 1.3, Internet Standards Track document, RFC 8446, Internet Engineering Task Force (IETF), 2018. https://datatracker.ietf.org/doc/html/rfc8446