Lightweight Authenticated Encryption Mode with Enhancing Security Guarantees

Ping Zhang, Qian Yuan
2021 IEEE 6th International Conference on Computer and Communication Systems (ICCCS). Published 2021-04-23. DOI: 10.1109/ICCCS52626.2021.9449205 (https://doi.org/10.1109/ICCCS52626.2021.9449205)
Citations: 1

Abstract

Under the lightweight setting, the requirements on security and on the security bits leaked by devices or systems are stricter. This paper focuses on the security of permutation-based lightweight authenticated encryption (LAE) modes, presents a new syntax of LAE, and, on the basis of OPP, proposes an enhanced LAE mode called OPP-plus, which supports beyond-birthday-bound (BBB) security and integrity under the release of unverified plaintext (INT-RUP). To achieve BBB security, OPP-plus is built from two-round Even-Mansour ciphers with distinct keys. To ensure INT-RUP security, the authentication part of OPP-plus uses an extra intermediate checksum technique to generate the authentication tag. Then, by using the hybrid argument, we prove that OPP-plus meets our stronger security requirements in the nonce-respecting scenario if the underlying permutation is an ideal random permutation. Finally, we discuss the properties of OPP-plus. OPP-plus is based on a pure permutation, and supports adaptive block sizes and smaller security losses. As OPP-plus does not perform a key expansion algorithm and parts of its combinatorial circuits can be replaced directly by lookup tables, the cost of key updates is relatively small and the implementation efficiency is relatively high in practice.
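The building block named in the abstract, a two-round Even-Mansour cipher with distinct keys, can be sketched as follows. This is an added example, not code from the paper: it shows only the generic construction E(x) = P(P(x ⊕ k0) ⊕ k1) ⊕ k2. The 64-bit toy permutation `perm`, its round constants, and the function names are assumptions made for illustration; how OPP-plus derives its masks and checksum is not given on this page.

```python
import secrets

M32 = 0xFFFFFFFF
ROUNDS = 12
# Round constants, constructed for this example.
RC = [(0x9E3779B9 * (i + 1)) & M32 for i in range(ROUNDS)]

def _rotl32(v, n):
    return ((v << n) | (v >> (32 - n))) & M32

def perm(x, inverse=False):
    """Toy public 64-bit permutation P (keyless Feistel/ARX); not a vetted design."""
    l, r = x >> 32, x & M32
    if not inverse:
        for i in range(ROUNDS):
            l = (l + (_rotl32(r, 5) ^ RC[i])) & M32
            l, r = r, l
    else:
        for i in reversed(range(ROUNDS)):
            l, r = r, l  # undo the swap, then undo the addition
            l = (l - (_rotl32(r, 5) ^ RC[i])) & M32
    return (l << 32) | r

def keygen():
    """Three independent 64-bit whitening keys; no key schedule is run."""
    return tuple(secrets.randbits(64) for _ in range(3))

def em2_encrypt(keys, block):
    """Two-round Even-Mansour: P(P(x ^ k0) ^ k1) ^ k2, same public P in both rounds."""
    k0, k1, k2 = keys
    return perm(perm(block ^ k0) ^ k1) ^ k2

def em2_decrypt(keys, block):
    """Inverse: peel the keys off in reverse order around P^-1."""
    k0, k1, k2 = keys
    return perm(perm(block ^ k2, inverse=True) ^ k1, inverse=True) ^ k0

if __name__ == "__main__":
    keys = keygen()
    ct = em2_encrypt(keys, 0x0123456789ABCDEF)
    print(hex(ct), hex(em2_decrypt(keys, ct)))
```

The only secret material is the three XOR keys; the permutation itself is public, which is why no key expansion step is needed when keys are updated.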