{"title":"使用关联数据进行身份验证加密的mF模式","authors":"Bishwajit Chakraborty, M. Nandi","doi":"10.1515/jmc-2020-0054","DOIUrl":null,"url":null,"abstract":"Abstract In recent years, the demand for lightweight cryptographic protocols has grown immensely. To fulfill this necessity, the National Institute of Standards and Technology (NIST) has initiated a standardization process for lightweight cryptographic encryption. NIST’s call for proposal demands that the scheme should have one primary member that has a key length of 128 bits, and it should be secure up to 2 50 − 1 {2}^{50}-1 byte queries and 2 112 {2}^{112} computations. In this article, we propose a tweakable block cipher (TBC)-based authenticated encryption with associated data (AEAD) scheme, which we call mF {\\mathsf{mF}} . We provide authenticated encryption security analysis for mF {\\mathsf{mF}} under some weaker security assumptions (stated in the article) on the underlying TBC. We instantiate a TBC using block cipher and show that the TBC achieves these weaker securities, provided the key update function has high periodicity. mixFeed {\\mathsf{mixFeed}} is a round 2 candidate in the aforementioned lightweight cryptographic standardization competition. When we replace the key update function with the key scheduling function of Advanced Encryption Standard (AES), the mF {\\mathsf{mF}} mode reduces to mixFeed {\\mathsf{mixFeed}} . Recently, the low periodicity of AES key schedule is shown. Exploiting this feature, a practical attack on mixFeed {\\mathsf{mixFeed}} is reported. We have shown that multiplication by primitive element satisfies the high periodicity property, and we have a secure instantiation of mF {\\mathsf{mF}} , a secure variant of mixFeed {\\mathsf{mixFeed}} .","PeriodicalId":43866,"journal":{"name":"Journal of Mathematical Cryptology","volume":null,"pages":null},"PeriodicalIF":0.5000,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"The mF mode of authenticated encryption with associated data\",\"authors\":\"Bishwajit Chakraborty, M. Nandi\",\"doi\":\"10.1515/jmc-2020-0054\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Abstract In recent years, the demand for lightweight cryptographic protocols has grown immensely. To fulfill this necessity, the National Institute of Standards and Technology (NIST) has initiated a standardization process for lightweight cryptographic encryption. NIST’s call for proposal demands that the scheme should have one primary member that has a key length of 128 bits, and it should be secure up to 2 50 − 1 {2}^{50}-1 byte queries and 2 112 {2}^{112} computations. In this article, we propose a tweakable block cipher (TBC)-based authenticated encryption with associated data (AEAD) scheme, which we call mF {\\\\mathsf{mF}} . We provide authenticated encryption security analysis for mF {\\\\mathsf{mF}} under some weaker security assumptions (stated in the article) on the underlying TBC. We instantiate a TBC using block cipher and show that the TBC achieves these weaker securities, provided the key update function has high periodicity. mixFeed {\\\\mathsf{mixFeed}} is a round 2 candidate in the aforementioned lightweight cryptographic standardization competition. When we replace the key update function with the key scheduling function of Advanced Encryption Standard (AES), the mF {\\\\mathsf{mF}} mode reduces to mixFeed {\\\\mathsf{mixFeed}} . Recently, the low periodicity of AES key schedule is shown. Exploiting this feature, a practical attack on mixFeed {\\\\mathsf{mixFeed}} is reported. We have shown that multiplication by primitive element satisfies the high periodicity property, and we have a secure instantiation of mF {\\\\mathsf{mF}} , a secure variant of mixFeed {\\\\mathsf{mixFeed}} .\",\"PeriodicalId\":43866,\"journal\":{\"name\":\"Journal of Mathematical Cryptology\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.5000,\"publicationDate\":\"2022-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Mathematical Cryptology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1515/jmc-2020-0054\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, THEORY & METHODS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Mathematical Cryptology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1515/jmc-2020-0054","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
The mF mode of authenticated encryption with associated data
Abstract In recent years, the demand for lightweight cryptographic protocols has grown immensely. To fulfill this necessity, the National Institute of Standards and Technology (NIST) has initiated a standardization process for lightweight cryptographic encryption. NIST’s call for proposal demands that the scheme should have one primary member that has a key length of 128 bits, and it should be secure up to 2 50 − 1 {2}^{50}-1 byte queries and 2 112 {2}^{112} computations. In this article, we propose a tweakable block cipher (TBC)-based authenticated encryption with associated data (AEAD) scheme, which we call mF {\mathsf{mF}} . We provide authenticated encryption security analysis for mF {\mathsf{mF}} under some weaker security assumptions (stated in the article) on the underlying TBC. We instantiate a TBC using block cipher and show that the TBC achieves these weaker securities, provided the key update function has high periodicity. mixFeed {\mathsf{mixFeed}} is a round 2 candidate in the aforementioned lightweight cryptographic standardization competition. When we replace the key update function with the key scheduling function of Advanced Encryption Standard (AES), the mF {\mathsf{mF}} mode reduces to mixFeed {\mathsf{mixFeed}} . Recently, the low periodicity of AES key schedule is shown. Exploiting this feature, a practical attack on mixFeed {\mathsf{mixFeed}} is reported. We have shown that multiplication by primitive element satisfies the high periodicity property, and we have a secure instantiation of mF {\mathsf{mF}} , a secure variant of mixFeed {\mathsf{mixFeed}} .