Lund University Publications

Fast Parallelizable Misuse-Resistant Authenticated Encryption : Low Latency (Decryption-Fast) SIV

Khairallah, Mustafa LU (2024) Selected Areas in Cryptography 2024
Abstract
In this paper, we present two new provably nonce-misuse-resistant AEAD modes based on tweakable block ciphers and universal hash functions. These new modes target equipping high-speed applications with nonce-misuse-resistant AEAD (MRAE). The first mode, Low Latency Synthetic IV (LLSIV), targets similar performance on single-core platforms to SCT-2, while eliminating the bottlenecks that make SCT-2 not fully parallelizable. The enhanced parallelism allows LLSIV to encrypt significantly more blocks on parallel platforms, compared to SCT-2, in the same amount of time. It is based on the NaT MAC. The second mode is Low Latency Decryption-Fast SIV (LLDFV), which offers rate-1 decryption alongside parallelizable low-latency encryption. It is faster than decryption-fast SIV (DFV) on all platforms. We also propose LLSIV with a reduced-round TBC in an ad hoc mode of operation that we label pruned LLSIV (pLLSIV). This leads to a significant performance improvement, making pLLSIV even faster than online TBC-based schemes that are not MRAE-secure. We evaluate the performance of LLSIV and pLLSIV using a pipelined FPGA architecture.
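The SIV paradigm that LLSIV and LLDFV build on, shown as an added toy example written for this page (it is not code from the paper and not its constructions): HMAC-SHA256 stands in for the tweakable block cipher and the universal hash, and the names siv_encrypt, siv_decrypt, blockwise_mac, ctr_encrypt, Meter and the sample keys and messages are all constructed for the illustration. It makes concrete two things the abstract takes for granted. First, why MAC-then-encrypt with the tag as IV survives nonce reuse: repeating an identical (N, A, M) yields an identical ciphertext, so only that repetition is revealed, whereas the online CTR baseline under a reused nonce leaks the XOR of the two plaintexts. Second, why a generic SIV spends two primitive calls per message block in decryption as well as encryption (decrypt, then re-MAC the whole plaintext before releasing it), which is the cost that a rate-1 decryption mode such as LLDFV is designed to cut.

```python
"""Toy synthetic-IV (SIV) MRAE mode built from HMAC-SHA256 as the only primitive.

Illustrates the generic SIV paradigm; it is NOT the paper's LLSIV/LLDFV, which use a
tweakable block cipher plus a universal hash. All names and sample values are constructed.
"""
import hashlib
import hmac
from typing import Callable, Optional

BLOCK = 32    # plaintext bytes covered by one PRF call (stands in for one TBC block)
TAG_LEN = 16  # bytes of tag / synthetic IV carried in front of the ciphertext


class Meter:
    """Counts PRF invocations so the per-block cost of each direction can be compared."""
    calls = 0


def prf(key: bytes, data: bytes) -> bytes:
    Meter.calls += 1
    return hmac.new(key, data, hashlib.sha256).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def keystream(key: bytes, iv: bytes, n: int) -> bytes:
    """CTR-style keystream: one PRF call per BLOCK bytes, all independent (parallelizable)."""
    nblocks = (n + BLOCK - 1) // BLOCK
    return b"".join(prf(key, iv + ctr.to_bytes(8, "big")) for ctr in range(nblocks))[:n]


def blockwise_mac(key: bytes, nonce: bytes, ad: bytes, msg: bytes) -> bytes:
    """Toy rate-1 MAC over (N, A, M): one header call, then one chained call per message block.

    Lengths are encoded explicitly so the (nonce, ad, msg) boundaries cannot be shifted.
    """
    header = b"".join(len(x).to_bytes(8, "big") + x for x in (nonce, ad)) + len(msg).to_bytes(8, "big")
    state = prf(key, b"\x00" + header)
    for i in range(0, len(msg), BLOCK):
        state = prf(key, b"\x01" + state + msg[i:i + BLOCK])
    return state[:TAG_LEN]


def siv_encrypt(k_mac: bytes, k_enc: bytes, nonce: bytes, ad: bytes, msg: bytes) -> bytes:
    """Pass 1: tag over (N, A, M) becomes the IV. Pass 2: CTR under that IV. Output IV || C."""
    iv = blockwise_mac(k_mac, nonce, ad, msg)
    return iv + xor(msg, keystream(k_enc, iv, len(msg)))


def siv_decrypt(k_mac: bytes, k_enc: bytes, nonce: bytes, ad: bytes, blob: bytes) -> Optional[bytes]:
    """Pass 1: recover the candidate plaintext. Pass 2: re-MAC all of it and compare.

    The plaintext is released only after the full re-MAC succeeds, which is why a generic
    SIV pays two passes (two PRF calls per block) in decryption, not just in encryption.
    """
    if len(blob) < TAG_LEN:
        return None
    iv, ct = blob[:TAG_LEN], blob[TAG_LEN:]
    msg = xor(ct, keystream(k_enc, iv, len(ct)))
    if not hmac.compare_digest(blockwise_mac(k_mac, nonce, ad, msg), iv):
        return None
    return msg


def ctr_encrypt(k_enc: bytes, nonce: bytes, msg: bytes) -> bytes:
    """Online, non-MRAE baseline: the nonce itself is the IV, so a reused nonce reuses keystream."""
    return xor(msg, keystream(k_enc, nonce, len(msg)))


def leaks_plaintext_xor(encrypt: Callable[[bytes], bytes], m1: bytes, m2: bytes) -> bool:
    """Nonce-reuse probe: does C1 xor C2 reveal M1 xor M2? (True for CTR, False for SIV.)"""
    c1, c2 = encrypt(m1), encrypt(m2)
    return xor(c1[-len(m1):], c2[-len(m2):]) == xor(m1, m2)


def prf_calls(direction: str, nblocks: int = 64) -> int:
    """PRF calls one direction spends on an nblocks-block message (constructed all-zero message)."""
    k_mac, k_enc, nonce = b"m" * 32, b"e" * 32, b"n" * 16
    msg = bytes(nblocks * BLOCK)
    blob = siv_encrypt(k_mac, k_enc, nonce, b"", msg)
    Meter.calls = 0
    if direction == "enc":
        siv_encrypt(k_mac, k_enc, nonce, b"", msg)
    else:
        siv_decrypt(k_mac, k_enc, nonce, b"", blob)
    return Meter.calls  # header call + 2 calls per block in either direction


if __name__ == "__main__":
    k_mac, k_enc, nonce = b"m" * 32, b"e" * 32, b"n" * 16  # constructed sample keys
    m1, m2 = b"A" * 32, b"B" * 32
    print("CTR leaks M1^M2 under nonce reuse:", leaks_plaintext_xor(lambda x: ctr_encrypt(k_enc, nonce, x), m1, m2))
    print("SIV leaks M1^M2 under nonce reuse:", leaks_plaintext_xor(lambda x: siv_encrypt(k_mac, k_enc, nonce, b"", x), m1, m2))
    print("PRF calls, 64 blocks: enc", prf_calls("enc"), "dec", prf_calls("dec"))
```

Because the IV is a function of the whole message, encryption cannot start until the MAC pass has finished, which is the latency the abstract's "low latency" modes attack; and because decryption must re-MAC everything before releasing plaintext, a generic SIV is rate 2 in both directions, which is the baseline against which "rate-1 decryption" should be read.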
author: Khairallah, Mustafa
publishing date: 2024
type: Chapter in Book/Report/Conference proceeding
publication status: in press
host publication: Selected Areas in Cryptography 2024
conference name: Selected Areas in Cryptography 2024
conference location: Montreal, Canada
conference dates: 2024-08-26 - 2024-08-30
language: English
LU publication?: yes
id: 97d2b25f-679f-4d37-978c-10b93180576c
date added to LUP: 2024-07-17 11:05:53
date last changed: 2024-08-05 16:29:54
@inproceedings{97d2b25f-679f-4d37-978c-10b93180576c,
  abstract     = {{In this paper, we present two new provably nonce-misuse-resistant AEAD modes based on tweakable block ciphers and universal hash functions. These new modes target equipping high-speed applications with nonce-misuse-resistant AEAD (MRAE). The first mode, Low Latency Synthetic IV (LLSIV), targets similar performance on single-core platforms to SCT-2, while eliminating the bottlenecks that make SCT-2 not fully parallelizable. The enhanced parallelism allows LLSIV to encrypt significantly more blocks on parallel platforms, compared to SCT-2, in the same amount of time. It is based on the NaT MAC. The second mode is Low Latency Decryption-Fast SIV (LLDFV), which offers rate-1 decryption alongside parallelizable low-latency encryption. It is faster than decryption-fast SIV (DFV) on all platforms. We also propose LLSIV with a reduced-round TBC in an ad hoc mode of operation that we label pruned LLSIV (pLLSIV). This leads to a significant performance improvement, making pLLSIV even faster than online TBC-based schemes that are not MRAE-secure. We evaluate the performance of LLSIV and pLLSIV using a pipelined FPGA architecture.}},
  author       = {{Khairallah, Mustafa}},
  booktitle    = {{Selected Areas in Cryptography 2024}},
  language     = {{eng}},
  title        = {{Fast Parallelizable Misuse-Resistant Authenticated Encryption : Low Latency (Decryption-Fast) SIV}},
  year         = {{2024}},
}