Advertisement

Survey of design and security evaluation of authenticated encryption algorithms in the CAESAR competition

  • Fan ZhangEmail author
  • Zi-yuan Liang
  • Bo-lin Yang
  • Xin-jie Zhao
  • Shi-ze Guo
  • Kui Ren
Review
  • 16 Downloads

Abstract

The Competition for Authenticated Encryption: Security, Applicability, and Robustness (CAESAR) supported by the National Institute of Standards and Technology (NIST) is an ongoing project calling for submissions of authenticated encryption (AE) schemes. The competition itself aims at enhancing both the design of AE schemes and related analysis. The design goal is to pursue new AE schemes that are more secure than advanced encryption standard with Galois/counter mode (AES-GCM) and can simultaneously achieve three design aspects: security, applicability, and robustness. The competition has a total of three rounds and the last round is approaching the end in 2018. In this survey paper, we first introduce the requirements of the proposed design and the progress of candidate screening in the CAESAR competition. Second, the candidate AE schemes in the final round are classified according to their design structures and encryption modes. Third, comprehensive performance and security evaluations are conducted on these candidates. Finally, the research trends of design and analysis of AE for the future are discussed.

Key words

CAESAR competition Authenticated cipher Block cipher Stream cipher Hash function Security evaluation 

CLC number

TP309 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Abdellatif KM, Chotin-Avot R, Mehrez H, 2017. AES-GCM and AEGIS: efficient and high speed hardware implementations. J Signal Proc Syst, 88(1):1–12.  https://doi.org/10.1007/s11265-016-1104-y CrossRefGoogle Scholar
  2. Agrawal M, Chang D, Sanadhya SK, 2017. A new authenticated encryption technique for handling long ciphertexts in memory constrained devices. Int J Appl Cryptogr, 3(3):236–261.  https://doi.org/10.1504/IJACT.2017.086223 MathSciNetzbMATHCrossRefGoogle Scholar
  3. Al Mahri HQ, Simpson L, Bartlett H, et al., 2016. Tweaking generic OTR to avoid forgery attacks. Proc 6th Int Conf on Applications and Techniques in Information Security, p.41–53.  https://doi.org/10.1007/978-981-10-2741-3_4 Google Scholar
  4. Al Mahri HQ, Simpson L, Bartlett H, et al., 2017. A fault-based attack on AEZ v4.2. Proc IEEE Trustcom/ BigDataSE/ICESS, p.634–641.  https://doi.org/10.1109/trustcom/bigdatase/icess.2017.294 Google Scholar
  5. Andreeva E, Bogdanov A, Luykx A, et al., 2015. AES-COPA v.2. CAESAR Submission.Google Scholar
  6. Andreeva E, Bogdanov A, Luykx A, et al., 2016a. AESCOPA v.1. Submission to the CAESAR competition.Google Scholar
  7. Andreeva E, Bogdanov A, Datta N, 2016b. ELmD v2.1. CAESAR Third Round Submission.Google Scholar
  8. Ashur T, Eichlseder M, Lauridsen MM, et al., 2018. Cryptanalysis of MORUS. Int Conf on the Theory and Application of Cryptology and Information Security, p.35–64.CrossRefGoogle Scholar
  9. Aumasson JP, Jovanovic P, Neves S, 2014a. Analysis of NORX: investigating differential and rotational properties. Proc 3rd Int Conf on Cryptology and Information Security in Latin America, p.306–324.  https://doi.org/10.1007/978-3-319-16295-9_17 Google Scholar
  10. Aumasson JP, Jovanovic P, Neves S, 2014b. NORX: parallel and scalable AEAD. Proc 19th European Symp on Research in Computer Security, p.19–36.  https://doi.org/10.1007/978-3-319-11212-1_2 Google Scholar
  11. Aumasson JP, Jovanovic P, Neves S, 2015. NORX v3.0. Submission to CAESAR (2016).zbMATHGoogle Scholar
  12. Bagheri N, Huang T, Jia KT, et al., 2016. Cryptanalysis of reduced NORX. Proc 23rd Int Conf on Fast Software Encryption, p.554–574.  https://doi.org/10.1007/978-3-662-52993-5_28 Google Scholar
  13. Banik S, Bogdanov A, Minematsu K, 2016. Low-area hardware implementations of CLOC, SILC and AES-OTR. IEEE Int Symp on Hardware Oriented Security and Trust, p.71–74.  https://doi.org/10.1109/HST.2016.7495559 CrossRefGoogle Scholar
  14. Bay A, Ersoy O, Karakoç F, 2016. Universal forgery and key recovery attacks on ELmD authenticated encryption algorithm. Proc 22nd Int Conf on the Theory and Application of Cryptology and Information Security, p.354–368.  https://doi.org/10.1007/978-3-662-53887-6_13 zbMATHCrossRefGoogle Scholar
  15. Bellare M, Namprempre C, 2008. Authenticated encryption: relations among notions and analysis of the generic composition paradigm. J Cryptol, 21(4):469–491.  https://doi.org/10.1007/s00145-008-9026-x MathSciNetzbMATHCrossRefGoogle Scholar
  16. Bellare M, Rogaway P, Wagner D, 2003. A conventional authenticated-encryption mode. Manuscript.Google Scholar
  17. Bellare M, Rogaway P, Spies T, 2010. The FFX mode of operation for format-preserving encryption. NIST Submission.Google Scholar
  18. Berti F, Koeune F, Pereira O, et al., 2016. Leakage-resilient and misuse-resistant authenticated encryption. IACR Cryptology ePrint Archive: Report 2016/996.Google Scholar
  19. Bertoni G, Daemen J, Peeters M, et al., 2011. Duplexing the sponge: single-pass authenticated encryption and other applications. Int Workshop on Selected Areas in Cryptography, p.320–337.  https://doi.org/10.1007/978-3-642-28496-0_19 zbMATHGoogle Scholar
  20. Bertoni G, Daemen J, Peeters M, et al., 2015. Keyak v2. CAESAR Submission.Google Scholar
  21. Berton G, Daemen J, Peeters M, et al., 2016. Ketje v2. CAESAR Submission.Google Scholar
  22. Bhaumik R, Nandi M, 2017. Improved security for OCB3. Proc 23rd Int Conf on the Theory and Application of Cryptology and Information Security, p.638–666.  https://doi.org/10.1007/978-3-319-70697-9_22 zbMATHCrossRefGoogle Scholar
  23. Bi WQ, Li Z, Dong XY, et al., 2017. Conditional cube attack on round-reduced River Keyak. Des Code Cryptogr, 86(6):1295–1310.  https://doi.org/10.1007/s10623-017-0396-7 MathSciNetzbMATHCrossRefGoogle Scholar
  24. Biryukov A, Udovenko A, Velichkov V, 2017. Analysis of the NORX Core Permutation. IACR Cryptology ePrint Archive: Report 2017/034.Google Scholar
  25. Bonnetain X, 2017. Quantum key recovery on full AEZ. Proc 24th Int Conf on Selected Areas in Cryptography, p.394–406.  https://doi.org/10.1007/978-3-319-72565-9_20 Google Scholar
  26. Bossuet L, Datta N, Mancillas-López C, et al., 2016. ELmD: a pipelineable authenticated encryption and its hardware implementation. IEEE Trans Comp, 65(11):3318–3331.  https://doi.org/10.1109/TC.2016.2529618 MathSciNetzbMATHCrossRefGoogle Scholar
  27. Bost R, Sanders O, 2016. Trick or tweak: on the (in)security of OTR’s tweaks. Proc 22nd Int Conf on the Theory and Application of Cryptology and Information Security, p.333–353.  https://doi.org/10.1007/978-3-662-53887-6_12 zbMATHGoogle Scholar
  28. Chaigneau C, Gilbert H, 2016. Is AEZ v4.1 sufficiently resilient against key-recovery attacks? IACR Trans Symmetr Cryptol, 2016(1):114–133.  https://doi.org/10.13154/tosc.v2016.i1.114-13. Google Scholar
  29. Chaigneau C, Thomas F, Gilbert H, 2015. Full key-recovery on ACORN in nonce-reuse and decryption-misuse settings. Posed on the Crypto-Competition Mailing List.Google Scholar
  30. Cid C, Huang T, Peyrin T, et al., 2017. A security analysis of deoxys and its internal tweakable block ciphers. IACR Trans Symmetr Cryptol, 2017(3):73–107.  https://doi.org/10.13154/tosc.v2017.i3.73-10. Google Scholar
  31. Clift P, 2014. Hardware Implementation of Offset Codebook Mode3 (OCB3). MS Thesis, California State University, Sacramento, USA.Google Scholar
  32. Dalai DK, Roy D, 2017. A state recovery attack on ACORNv1 and ACORN-v2. Proc 11th Int Conf on Network and System Security, p.332–345.  https://doi.org/10.1007/978-3-319-64701-2_24 Google Scholar
  33. Das S, Maitra S, Meier W, 2015. Higher order differential analysis of NORX. IACR Cryptology ePrint Archive: Report 2015/186.Google Scholar
  34. Deshpande S, Gaj K, 2017. Analysis and inner-round pipelined implementation of selected parallelizable CAESAR competition candidates. Euromicro Conf on Digital System Design, p.274–282.  https://doi.org/10.1109/DSD.2017.80 Google Scholar
  35. Dey P, Rohit RS, Adhikari A, 2016a. Full key recovery of ACORN with a single fault. J Inform Secur Appl, 29:57–64.  https://doi.org/10.1016/j.jisa.2016.03.003 Google Scholar
  36. Dey P, Rohit RS, Sarkar S, et al., 2016b. Differential fault analysis on Tiaoxin and AEGIS family of ciphers. Proc 4th Int Symp on Security in Computing and Communication, p.74–86.  https://doi.org/10.1007/978-981-10-2738-3_7 Google Scholar
  37. Dinur I, Morawiecki P, Pieprzyk J, et al., 2015. Cube attacks and cube-attack-like cryptanalysis on the round-reduced Keccak sponge function. Proc 34th Annual Int Conf on the Theory and Applications of Cryptographic Techniques, p.733–761.  https://doi.org/10.1007/978-3-662-46800-5_28 Google Scholar
  38. Dobraunig C, Eichlseder M, Korak T, et al., 2016a. Practical fault attacks on authenticated encryption modes for AES. IACR Cryptology ePrint Archive: Report 2016/616.Google Scholar
  39. Dobraunig C, Eichlseder M, Korak T, et al., 2016b. Statistical fault attacks on nonce-based authenticated encryption schemes. Proc 22nd Int Conf on the Theory and Application of Cryptology and Information Security, p.369–395.  https://doi.org/10.1007/978-3-662-53887-6_14 Google Scholar
  40. Dobraunig C, Eichlseder M, Mendel F, et al., 2016c. Ascon v1.2. Submission to the CAESAR Competition.Google Scholar
  41. Dobraunig C, Eichlseder M, Mangard S, et al., 2017. ISAP—towards side-channel secure authenticated encryption. IACR Trans Symmetr Cryptol, 2017(1):80–105.  https://doi.org/10.13154/tosc.v2017.i1.80-10. Google Scholar
  42. Dong XY, Li Z, Wang XY, et al., 2017. Cube–like attack on round-reduced initialization of Ketje Sr. IACR Trans Symmetr Cryptol, 2017(1):259–280.  https://doi.org/10.13154/tosc.v2017.i1.259-28. Google Scholar
  43. Dwivedi AD, Klouček M, Morawiecki P, et al., 2016. SAT-based cryptanalysis of authenticated ciphers from the CAESAR competition. IACR Cryptology ePrint Archive: Report 2016/1053.Google Scholar
  44. Dwivedi AD, Morawiecki P, Wójtowicz S, 2017. Differential and rotational cryptanalysis of round-reduced MORUS. Proc 14th Int Joint Conf on e-Business and Telecommunications, p.275–284.  https://doi.org/10.5220/0006411502750284 Google Scholar
  45. Dwivedi AD, Klouček M, Morawiecki P, et al., 2016. SAT-based cryptanalysis of authenticated ciphers from the CAESAR competition. IACR Cryptology ePrint Archive: Report 2016/1053.Google Scholar
  46. Dworkin M, 2016. Recommendation for block cipher modes of operation: methods for format-preserving encryption. NIST Special Publication 800-38G.CrossRefGoogle Scholar
  47. Ertaul L, Sravya KL, Sanka N, 2016. Implementation of authenticated encryption algorithm offset code book (OCB). Proc Int Conf on Wireless Networks, p.78–84.Google Scholar
  48. Farahmand F, Diehl W, Abdulgadir A, et al., 2018. Improved lightweight implementations of CAESAR authenticated ciphers. Cryptology ePrint Archive: Report 2018/573.CrossRefGoogle Scholar
  49. Forler C, List E, Lucks S, et al., 2017. Reforgeability of authenticated encryption schemes. Proc 22nd Australasian Conf on Information Security and Privacy, p.19–37.  https://doi.org/10.1007/978-3-319-59870-3_2 zbMATHCrossRefGoogle Scholar
  50. Fuhr T, Leurent G, Suder V, 2014. Collision attacks against CAESAR candidates. Proc 21st Int Conf on the Theory and Application of Cryptology and Information Security, p.510–532.  https://doi.org/10.1007/978-3-662-48800-3_21 zbMATHGoogle Scholar
  51. Fuhr T, Naya-Plasencia M, Rotella Y, 2018. State-recovery attacks on modified Ketje Jr. IACR Trans Symmetr Cryptol, 2018(1):29–56.  https://doi.org/10.13154/tosc.v2018.i1.29-5. Google Scholar
  52. Gligor VDP, 2016. Extended cipher block chaining encryption. Submission to NIST.Google Scholar
  53. Gligor VD, Donescu P, 2001. Fast encryption and authentication: XCBC encryption and XECB authentication modes. Int Workshop on Fast Software Encryption, p.92–108.zbMATHGoogle Scholar
  54. Groß H, Wenger E, Dobraunig C, et al., 2015. Suit up!-Madeto-measure hardware implementations of ASCON. Euromicro Conf on Digital System Design, p.645–652.  https://doi.org/10.1109/DSD.2015.14 Google Scholar
  55. Gross H, Wenger E, Dobraunig C, et al., 2017. ASCON hardware implementations and side-channel evaluation. Microprocess Microsyst, 52:470–479.  https://doi.org/10.1016/j.micpro.2016.10.006 CrossRefGoogle Scholar
  56. Halevi S, 2004. EME*: extending EME to handle arbitrarylength messages with associated data. Proc 5th Int Conf on Cryptology in India, p.315–327.  https://doi.org/10.1007/978-3-540-30556-9_25 zbMATHGoogle Scholar
  57. Halevi S, Rogaway P, 2004. A parallelizable enciphering mode. Cryptographers’ Track at the RSA Conf, p.292–304.  https://doi.org/10.1007/978-3-540-24660-2_23 zbMATHGoogle Scholar
  58. Hellström H, StreamSec H, 2001. Propagating cipher feedback mode. Proc 2nd NIST Modes of Operation Workshop.Google Scholar
  59. Hoang VT, Krovetz T, Rogaway P, 2014. AEZ v1: authenticated-encryption by enciphering. CAESAR 1st Round.zbMATHGoogle Scholar
  60. Hoang VT, Krovetz T, Rogaway P, 2015. Robust authenticated-encryption AEZ and the problem that it solves. Proc 34th Annual Int Conf on the Theory and Applications of Cryptographic Techniques, p.15–44.  https://doi.org/10.1007/978-3-662-46800-5_2 zbMATHCrossRefGoogle Scholar
  61. Hoang VT, Krovetz T, Rogaway P, 2016. AEZ v4. 2: authenticated encryption by enciphering. CAESAR Submission.Google Scholar
  62. Huang T, Wu HJ, 2018. Distinguishing attack on NORX permutation. IACR Trans Symmetr Cryptol, 2018(1):57–73.  https://doi.org/10.13154/tosc.v2018.i1.57-7. Google Scholar
  63. Hwang S, Lee C, 2015. Padding Oracle attack on block cipher with CBCCBC-double mode of operation using the BOZ-PAD. J Soc e-Buss Stud, 20(1):89–97.  https://doi.org/10.7838/jsebs.2015.20.1.089 MathSciNetCrossRefGoogle Scholar
  64. Iwata T, Minematsu K, Guo J, et al., 2014. SILC: simple lightweight CFB. Submission to the CAESAR Competition.Google Scholar
  65. Jean J, Nikolić I, Peyrin T, et al., 2016. Deoxys v1.41. Submitted to CAESAR.Google Scholar
  66. Josh RJ, Sarkar S, 2015. Some observations on ACORN v1 and Trivia-SC. Lightweight Cryptography Workshop, p.20–21.Google Scholar
  67. Jovanovic P, Luykx A, Mennink B, 2014. Beyond 2c/2 security in sponge-based authenticated encryption modes. Proc 20th Int Conf on the Theory and Application of Cryptology and Information Security, p.85–104.  https://doi.org/10.1007/978-3-662-45611-8_5 zbMATHGoogle Scholar
  68. Jutla CS, 2001. Encryption modes with almost free message integrity. Int Conf on the Theory and Applications of Cryptographic Techniques, p.529–544.zbMATHCrossRefGoogle Scholar
  69. Jutla CS, 2016a. Integrity aware cipher block chaining. Submission to NIST.Google Scholar
  70. Jutla CS, 2016b. Integrity aware parallelizable mode. Submission to NIST.Google Scholar
  71. Kaushal PK, Sobti R, Geetha G, 2012. Random Key Chaining (RKC): AES mode of operation. Int J Appl Inform Syst, 1(5):39–45.  https://doi.org/10.5120/ijais12-45018. Google Scholar
  72. Kohno T, 2003. Carter Wegman (authentication) with Counter (encryption). https://doi.org/csrc.nist.gov/CryptoToolkit/modes/proposedmodes/cwc/cwc-spec.pdf Google Scholar
  73. Kotegawa M, Iwai K, Tanaka H, et al., 2016. Optimization of hardware implementations with high-level synthesis of authenticated encryption. Bull Netw Comput Syst Soft, 5(1):26–33.Google Scholar
  74. Koteshwara S, Das A, Parhi KK, 2017. FPGA implementation and comparison of AES-GCM and Deoxys authenticated encryption schemes. IEEE Int Symp on Circuits and Systems, p.1–4.  https://doi.org/10.1109/ISCAS.2017.8050315 CrossRefGoogle Scholar
  75. Kumar S, Haj-Yahya J, Chattopadhyay A, 2018. Efficient hardware accelerator for NORX authenticated encryption. IEEE Int Symp on Circuits and Systems, p.1–5.  https://doi.org/10.1109/ISCAS.2018.8351145 CrossRefGoogle Scholar
  76. Lafitte F, Lerman L, Markowitch O, et al., 2016. SAT-based cryptanalysis of ACORN. IACR Cryptology ePrint Archive: Report 2016/521.Google Scholar
  77. Li Z, Dong XY, Wang XY, 2017. Conditional cube attack on round-reduced ASCON. IACR Trans Symmetr Cryptol, 2017(1):175–202.  https://doi.org/10.13154/tosc.v2017.i1.175-20. Google Scholar
  78. Liskov M, Rivest RL, Wagner D, 2002. Tweakable block ciphers. Proc 22nd Annual Int Cryptology Conf, p.31–46.  https://doi.org/10.1007/3-540-45708-9_3 zbMATHCrossRefGoogle Scholar
  79. Liskov M, Rivest RL, Wagner D, 2011. Tweakable block ciphers. J Cryptol, 24(3):588–613.  https://doi.org/10.1007/s00145-010-9073-y MathSciNetzbMATHCrossRefGoogle Scholar
  80. Liu FB, Liu FM, 2017. Universal forgery and key recovery attacks: application to FKS, FKD and Keyak. Cryptology ePrint Archive: Report 2017/691.Google Scholar
  81. Liu MC, Lin DD, 2014. Cryptanalysis of lightweight authenticated cipher ACORN. Posed on the Crypto-Competition Mailing List.Google Scholar
  82. Lu JQ, 2015. On the security of the COPA and marble authenticated encryption algorithms against (almost) universal forgery attack. IACR Cryptology ePrint Archive: Report 2015/079.Google Scholar
  83. Lu JQ, 2017. Almost universal forgery attacks on the COPA and marble authenticated encryption algorithms. Proc ACM Asia Conf on Computer and Communications Security, p.789–799.  https://doi.org/10.1145/3052973.3052981 CrossRefGoogle Scholar
  84. Mary DSN, Begum AT, 2017. An algorithm for moderating DoS attack in web based application. Int Conf on Technical Advancements in Computers and Communications, p.26–31.  https://doi.org/10.1109/ICTACC.2017.17 CrossRefGoogle Scholar
  85. McGrew D, Viega J, 2004. The Galois/counter mode of operation (GCM). Submission to NIST Modes of Operation Process.zbMATHGoogle Scholar
  86. McKay KA, Bassham LE, Turan MS, et al., 2017. Report on lightweight cryptography. NIST.CrossRefGoogle Scholar
  87. Mehrdad A, Moazami F, Soleimany H, 2018. Impossible differential cryptanalysis on deoxys-BC-256. Cryptology ePrint Archive, Report 2018/048.Google Scholar
  88. Mennink B, 2017. Weak keys for AEZ, and the external key padding attack. Cryptographers’ Track at the RSA Conf, p.223–237.  https://doi.org/10.1007/978-3-319-52153-4_13 zbMATHCrossRefGoogle Scholar
  89. Mennink B, Reyhanitabar R, Vizár D, 2015. Security of full-state keyed sponge and duplex: applications to authenticated encryption. Int Conf on the Theory and Application of Cryptology and Information Security, p.465–489.  https://doi.org/10.1007/978-3-662-48800-3_19 zbMATHGoogle Scholar
  90. Mileva A, Dimitrova V, Velichkov V, 2015. Analysis of the authenticated cipher MORUS (v1). Proc 2nd Int Conf on Cryptography and Information Security in the Balkans, p.45–59.  https://doi.org/10.1007/978-3-319-29172-7_4 zbMATHGoogle Scholar
  91. Minaud B, 2014. Linear biases in AEGIS keystream. Proc 21st Int Conf on Selected Areas in Cryptography, p.290–305.  https://doi.org/10.1007/978-3-319-13051-4_18 zbMATHCrossRefGoogle Scholar
  92. Minematsu K, 2014. Parallelizable rate-1 authenticated encryption from pseudorandom functions. Proc 33rd Annual Int Conf on the Theory and Applications of Cryptographic Techniques, p.275–292.  https://doi.org/10.1007/978-3-642-55220-5_16 zbMATHCrossRefGoogle Scholar
  93. Minematsu K, 2016. AES-OTR v3.1. Japan Submission to CAESAR, NEC Corporation.'Google Scholar
  94. Minematsu K, Guo J, Kobayashi E, 2016. CLOC and SILC. https://doi.org/competitions.cr.yp.to/round3/clocsilcv3.pdf Google Scholar
  95. Moise A, Beroset E, Phinney T, et al., 2011. EAX’ Cipher Mode. NIST.Google Scholar
  96. Morawiecki P, Pieprzyk J, Straus M, et al., 2015. Applications of key recovery cube-attack-like. IACR Cryptology ePrint Archive: Report 2015/1009.zbMATHGoogle Scholar
  97. Nandi M, 2015. Revisiting security claims of XLS and COPA. IACR Cryptology ePrint Archive: Report 2015/444.Google Scholar
  98. Nikolić I, 2016. Tiaoxin v2.1. CAESAR Third Round Submission.Google Scholar
  99. Pereira O, Standaert FX, Vivek S, 2015. Leakage-resilient authentication and encryption from symmetric cryptographic primitives. Proc 22nd ACM SIGSAC Conf on Computer and Communications Security, p.96–108.  https://doi.org/10.1145/2810103.2813626 CrossRefGoogle Scholar
  100. Peyrin T, Sim SM, Wang L, et al., 2015. Cryptanalysis of JAMBU. Proc 22nd Int Workshop on Fast Software Encryption, p.264–281.  https://doi.org/10.1007/978-3-662-48116-5_13 Google Scholar
  101. Recacha F, 2016. Input and output chaining. Submission to NIST.Google Scholar
  102. Rivain M, Prouff E, 2010. Provably secure higher-order masking of AES. Proc 12th Int Workshop on Cryptographic Hardware and Embedded Systems, p.413–427.  https://doi.org/10.1007/978-3-642-15031-9_28 zbMATHCrossRefGoogle Scholar
  103. Rogaway P, 2004. Efficient instantiations of tweakable blockciphers and refinements to modes OCB and PMAC. Proc 10th Int Conf on the Theory and Application of Cryptology and Information Security, p.16–31.  https://doi.org/10.1007/978-3-540-30539-2_2 zbMATHCrossRefGoogle Scholar
  104. Rogaway P, 2016. Offset codebook. Submission to NIST.Google Scholar
  105. Rogaway P, Shrimpton T, 2007. The SIV mode of operation for deterministic authenticated-encryption (key wrap) and misuse-resistant nonce-based authenticatedencryption. https://doi.org/web.cs.ucdavis.edu/rogaway/papers/siv.pdf Google Scholar
  106. Rogaway P, Bellare M, Black J, et al., 2001. OCB Mode. IACR Cryptology ePrint Archive.Google Scholar
  107. Rott J, 2010. IntelAdvanced Encryption Standard Instructions (AES-NI). Technical Report, Intel.Google Scholar
  108. Roy DB, Chakraborti A, Chang D, et al., 2016. Fault based almost universal forgeries on CLOC and SILC. Proc 6th Int Conf on Security, Privacy, and Applied Cryptography Engineering, p.66–86.  https://doi.org/10.1007/978-3-319-49445-6_4 CrossRefGoogle Scholar
  109. Roy DB, Chakraborti A, Chang D, et al., 2017. Two efficient fault-based attacks on CLOC and SILC. J Hardw Syst Secur, 1(3):252–268.  https://doi.org/10.1007/s41635-017-0022-1 CrossRefGoogle Scholar
  110. Sadeghi H, Alizadeh J, 2014. A forgery attack on AES-OTR.Google Scholar
  111. Salam I, Simpson L, Bartlett H, et al., 2017. Investigating cube attacks on the authenticated encryption stream cipher MORUS. IEEE Trustcom/BigDataSE/ICESS, p.961–966.  https://doi.org/10.1109/trustcom/bigdatase/icess.2017.337 CrossRefGoogle Scholar
  112. Salam I, Al Mahri HQ, Simpson L, et al., 2018a. Fault attacks on Tiaoxin-346. Proc Australasian Computer Science Week Multiconf, Article 5.  https://doi.org/10.1145/3167918.3167940 CrossRefGoogle Scholar
  113. Salam I, Simpson L, Bartlett H, et al., 2018b. Fault attacks on the authenticated encryption stream cipher MORUS. Cryptography, 2(1), Article 4.  https://doi.org/10.3390/cryptography2010004 CrossRefGoogle Scholar
  114. Salam MI, Bartlett H, Dawson E, et al., 2016a. Investigating cube attacks on the authenticated encryption stream cipher ACORN. Proc 6th Int Conf on Applications and Techniques in Information Security, p.15–26.  https://doi.org/10.1007/978-981-10-2741-3_2 CrossRefGoogle Scholar
  115. Salam MI, Wong KKH, Bartlett H, et al., 2016b. Finding state collisions in the authenticated encryption stream cipher ACORN. Proc Australasian Computer Science Week Multiconf, Article 36.CrossRefGoogle Scholar
  116. Samwel N, Daemen J, 2017. DPA on hardware implementations of Ascon and Keyak. Proc Computing Frontiers Conf, p.415–424.  https://doi.org/10.1145/3075564.3079067 CrossRefGoogle Scholar
  117. Sasaki Y, 2018. Improved related-tweakey boomerang attacks on deoxys-BC. Progress in Cryptology-AFRICACRYPT, p.87–106.  https://doi.org/10.1007/978-3-319-89339-6_6 zbMATHCrossRefGoogle Scholar
  118. Schroeppel RC, Anderson WE, Beaver CL, et al., 2004. Cipher-state (CS) mode of operation for AES. Submission to NIST.Google Scholar
  119. Shi TR, Guan J, Li JZ, et al., 2016. Improved collision cryptanalysis of authenticated cipher MORUS. Proc 2nd Int Conf on Artificial Intelligence and Industrial Engineering, p.429–432.  https://doi.org/10.2991/aiie-16.2016.98 CrossRefGoogle Scholar
  120. Shi TR, Jin CH, Guan J, 2018. Collision attacks against AEZ-PRF for authenticated encryption AEZ. China Commun, 15(2):46–53.  https://doi.org/10.1109/CC.2018.8300271 CrossRefGoogle Scholar
  121. Siddhanti A, Sarkar S, Maitra S, et al., 2017. Differential fault attack on grain v1, ACORN v3 and lizard. Proc 7th Int Conf on Security, Privacy, and Applied Cryptography Engineering, p.247–263.  https://doi.org/10.1007/978-3-319-71501-8_14 CrossRefGoogle Scholar
  122. Song L, Guo J, Shi DP, et al., 2017. New MILP modeling: improved conditional cube attacks on Keccakbased constructions. Cryptology ePrint Archive: Report 2017/1030.Google Scholar
  123. Stoffelen K, 2015. Intrinsic Side-Channel Analysis Resistance and Efficient Masking. MS Thesis, Radboud University, Nijmegen, the Netherlands.Google Scholar
  124. Sun ZL, Wang P, Zhang LT, 2012. Collision attacks on variant of OCB mode and its series. Proc 8th Int Conf on Information Security and Cryptology, p.216–224.  https://doi.org/10.1007/978-3-642-38519-3_14 zbMATHGoogle Scholar
  125. Unterluggauer T, Werner M, Mangard S, 2018. MEAS: memory encryption and authentication secure against sidechannel attacks. J Cryptogr Eng, 2018(1):1–22.  https://doi.org/10.1007/s13389-018-0180-2 Google Scholar
  126. Vaudenay S, Vizár D, 2017. Under pressure: security of Caesar candidates beyond their guarantees. Cryptology ePrint Archive: Report 2017/1147.Google Scholar
  127. Veyrat-Charvillon N, Medwed M, Kerckhof S, et al., 2012. Shuffling against side-channel attacks: a comprehensive study with cautionary note. Proc 18th Int Conf on the Theory and Application of Cryptology and Information Security, p.740–757.  https://doi.org/10.1007/978-3-642-34961-4_44 zbMATHGoogle Scholar
  128. Wang G, Zhang HY, Liu FM, 2017. Security proof of JAMBU under nonce respecting and nonce misuse cases. Cryptology ePrint Archive: Report 2017/831.Google Scholar
  129. Wang HR, He H, Zhang WZ, 2018. Demadroid: object reference graph-based malware detection in Android. Secur Commun Netw, Article 7 064 131.  https://doi.org/10.1155/2018/7064131 Google Scholar
  130. Wegman MN, Carter JL, 1981. New hash functions and their use in authentication and set equality. J Comp Syst Sci, 22(3):265–279.  https://doi.org/10.1016/0022-0000(81)90033-7 MathSciNetzbMATHCrossRefGoogle Scholar
  131. Wetzels J, Bokslag W, 2015. Sponges and engines: an introduction to Keccak and Keyak. https://doi.org/arxiv.org/abs/1510.02856 Google Scholar
  132. Whiting D, Housley R, Ferguson N, 2003. Counter with CBC-MAC (CCM). Network Working Group.CrossRefGoogle Scholar
  133. Wu HJ, 2016. ACORN: a lightweight authenticated cipher (v3). Candidate for the CAESAR Competition.Google Scholar
  134. Wu HJ, Huang T, 2014. JAMBU lightweight authenticated encryption mode and AES-JAMBU. CAESAR Competition Proposal.Google Scholar
  135. Wu HJ, Huang T, 2016. The authenticated cipher MORUS (v2). https://doi.org/competitions.cr.yp.to/round3/morusv2.pdf Google Scholar
  136. Wu HJ, Preneel B, 2013. AEGIS: a fast authenticated encryption algorithm. Proc 20th Int Conf on Selected Areas in Cryptography, p.185–201.  https://doi.org/10.1007/978-3-662-43414-7_10 zbMATHGoogle Scholar
  137. Xue L, 2016. A Novel Approach for Flexray Protocol with Confidentiality and Authenticity. MS Thesis, National University of Singapore, Singapore.Google Scholar
  138. Yalla P, Kaps JP, 2017. Evaluation of the CAESAR hardware API for lightweight implementations. Int Conf on Re-ConFigurable Computing and FPGAs (ReConFig), p.1–6.  https://doi.org/10.1109/RECONFIG.2017.8279790 CrossRefGoogle Scholar
  139. Zhang P, Guan J, Li JZ, et al., 2015. Research on the confusion and diffusion properties of the initialization of MORUS. J Cryptol Res, 2(6):536–548 (in Chinese).  https://doi.org/10.13868/j.cnki.jcr.000100 Google Scholar
  140. Zhang P, Wang P, Hu HG, 2016. The INT-RUP security of OCB with intermediate (Parity) checksum. IACR Cryptology ePrint Archive: Report 2016/1059.Google Scholar
  141. Zhang T, Li Q, Zhang CS, et al., 2017. Current trends in the development of intelligent unmanned autonomous systems. Front Inform Technol Electron Eng, 18(1):68–85.  https://doi.org/10.1631/FITEE.1601650 CrossRefGoogle Scholar
  142. Zhang WZ, Li X, Xiong NX, et al., 2016. Android platformbased individual privacy information protection system. Pers Ubiq Comp, 20(6):875–884.  https://doi.org/10.1007/s00779-016-0966-0 CrossRefGoogle Scholar
  143. Zhang XJ, Feng XT, Lin DD, 2017. Fault attack on the authenticated cipher ACORN v2. Secur Commun Netw, Article 3 834 685.  https://doi.org/10.1155/2017/3834685 CrossRefGoogle Scholar
  144. Zhang XJ, Feng XT, Lin DD, 2018. Fault attack on ACORN v3. Comp J, 61(8):1166–1179.  https://doi.org/10.1093/comjnl/bxy044 MathSciNetCrossRefGoogle Scholar

Copyright information

© Editorial Office of Journal of Zhejiang University Science and Springer-Verlag GmbH Germany, part of Springer Nature 2018

Authors and Affiliations

  1. 1.College of Information Science and Electronic EngineeringZhejiang UniversityHangzhouChina
  2. 2.Institute of Cyberspace ResearchZhejiang UniversityHangzhouChina
  3. 3.State Key Laboratory of CryptologyBeijingChina
  4. 4.Alibaba-Zhejiang University Joint Institute of Frontier TechnologiesHangzhouChina
  5. 5.Institute of North Electronic EquipmentBeijingChina

Personalised recommendations