Abstract
Encryption and decryption are the core operations by which the Transport Layer Security (TLS) protocol secures communication between smart devices and the systems and machines they talk to. Symmetric-key algorithms, realised as either block ciphers or stream ciphers, are what TLS uses to encrypt and decrypt application data. The primary symmetric block cipher in TLS is the Advanced Encryption Standard (AES), whose security level depends on the key length (128- or 256-bit keys in the TLS cipher suites). TLS provides confidentiality (C), integrity (I) and authenticity (A) in a single pass between web browser and web server by means of Authenticated Encryption with Associated Data (AEAD). The most widely deployed AEAD cipher suite in TLS 1.2 is AES in Galois/Counter Mode (AES-GCM). When AES-NI hardware acceleration is not available, as on many tablets and other smart devices, AES-GCM must be computed in software; this is considerably slower, so encryption and decryption under TLS 1.2 consume more CPU time and drain the battery faster. The newer stream-cipher AEAD ChaCha20-Poly1305 secures the same communication at lower CPU cost, and hence fewer battery cycles, and is one of the cipher suites defined for TLS 1.3. This paper discusses the pros and cons of AES-GCM authenticated encryption as used in TLS 1.2.
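The single-pass AEAD behaviour described in the abstract, as an added example written for this page rather than code from the paper: a TLS 1.3-style AES-GCM record layer in Go using only the standard library. The key, write_iv, record header and HTTP payload are constructed test values (real TLS derives the key and IV with HKDF-Expand-Label), the per-record nonce follows RFC 8446 section 5.3, and the recordAEAD, Result and Demo names are this example's own:

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// recordAEAD models one direction of a TLS 1.3 record layer under AES-GCM: a single AEAD
// call yields ciphertext plus a 16-byte tag covering both the payload and the cleartext header.
type recordAEAD struct {
	aead cipher.AEAD
	iv   []byte // 12-byte write_iv from the key schedule (a constructed value here)
	seq  uint64 // per-direction record sequence number, starts at 0
}

func newRecordAEAD(key, iv []byte) *recordAEAD {
	block, err := aes.NewCipher(key) // 16-byte key: AES-128, 32-byte key: AES-256
	if err != nil || len(iv) != 12 {
		panic("need a 16- or 32-byte key and a 12-byte write_iv")
	}
	aead, _ := cipher.NewGCM(block) // cannot fail for a 128-bit block cipher
	return &recordAEAD{aead: aead, iv: append([]byte(nil), iv...)}
}

// nonce builds the TLS 1.3 per-record nonce (RFC 8446, 5.3): the 64-bit sequence number
// left-padded to 12 bytes, XORed with the static write_iv. A GCM nonce must never repeat
// under one key; the counter guarantees that (TLS 1.2 GCM sends an explicit nonce instead).
func (r *recordAEAD) nonce() []byte {
	n := make([]byte, 12)
	binary.BigEndian.PutUint64(n[4:], r.seq)
	for i := range n {
		n[i] ^= r.iv[i]
	}
	return n
}

// seal protects one record; header is authenticated as associated data, not encrypted.
func (r *recordAEAD) seal(header, plaintext []byte) []byte {
	ct := r.aead.Seal(nil, r.nonce(), plaintext, header)
	r.seq++
	return ct
}

// open verifies the tag before decrypting. Any change to ciphertext, tag or header, or a
// record under the wrong sequence number, fails; TLS then sends bad_record_mac and closes.
func (r *recordAEAD) open(header, ciphertext []byte) ([]byte, error) {
	pt, err := r.aead.Open(nil, r.nonce(), ciphertext, header)
	if err != nil {
		return nil, err
	}
	r.seq++
	return pt, nil
}

// Result records what the constructed exchange in Demo demonstrates.
type Result struct {
	Decrypted                                         string
	TagOverhead                                       int  // bytes the GCM tag adds per record
	FlipCiphertextFails, FlipHeaderFails, ReplayFails bool // each forgery attempt is rejected
}

// Demo runs a sender and a receiver sharing constructed key material; in real TLS
// the key and write_iv come from HKDF-Expand-Label, never from constants.
func Demo() (Result, error) {
	key := []byte("0123456789abcdef") // constructed 16-byte key (AES-128-GCM)
	iv := []byte{1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12}
	sender, receiver := newRecordAEAD(key, iv), newRecordAEAD(key, iv)
	plaintext := []byte("GET / HTTP/1.1\r\nHost: example.test\r\n\r\n")
	header := []byte{23, 3, 3, 0, 0} // application_data, legacy_version 0x0303, length
	binary.BigEndian.PutUint16(header[3:], uint16(len(plaintext)+sender.aead.Overhead()))
	var res Result
	ct0 := sender.seal(header, plaintext) // record 0
	res.TagOverhead = len(ct0) - len(plaintext)
	pt, err := receiver.open(header, ct0)
	if err != nil {
		return res, err
	}
	res.Decrypted = string(pt)
	ct1 := sender.seal(header, plaintext) // record 1: same bytes, different nonce
	tampered := append([]byte{ct1[0] ^ 0x01}, ct1[1:]...) // flip one payload bit
	_, err = receiver.open(header, tampered)
	res.FlipCiphertextFails = err != nil
	badHeader := append([]byte{header[0], header[1] ^ 0x01}, header[2:]...) // flip one AAD bit
	_, err = receiver.open(badHeader, ct1)
	res.FlipHeaderFails = err != nil
	_, err = receiver.open(header, ct0) // replay record 0 where record 1 is expected
	res.ReplayFails = err != nil
	return res, nil
}

func main() {
	res, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", res)
}
```

Run with go run: the receiver accepts record 0, then rejects a flipped ciphertext bit, a flipped header bit and a replay of record 0 at position 1, because the tag binds payload, associated data and nonce together. ChaCha20-Poly1305, the alternative the abstract recommends for devices without AES-NI, is not in Go's standard library (it lives in golang.org/x/crypto/chacha20poly1305) but implements the same cipher.AEAD interface with a 12-byte nonce, so it drops into this record layer unchanged.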
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Arunkumar, B., Kousalya, G. (2018). Analysis of AES-GCM Cipher Suites in TLS. In: Thampi, S., Mitra, S., Mukhopadhyay, J., Li, KC., James, A., Berretti, S. (eds) Intelligent Systems Technologies and Applications. ISTA 2017. Advances in Intelligent Systems and Computing, vol 683. Springer, Cham. https://doi.org/10.1007/978-3-319-68385-0_9
DOI: https://doi.org/10.1007/978-3-319-68385-0_9
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-68384-3
Online ISBN: 978-3-319-68385-0
eBook Packages: Engineering, Engineering (R0)