International Association for Cryptologic Research

International Association
for Cryptologic Research


Blockcipher-Based Authenticated Encryption: How Small Can We Go?

Avik Chakraborti
Tetsu Iwata
Kazuhiko Minematsu
Mridul Nandi
DOI: 10.1007/978-3-319-66787-4_14
Search ePrint
Search Google
Conference: CHES 2017
Abstract: This paper presents a design of authenticated encryption (AE) focusing on minimizing the implementation size, i.e., hardware gates or working memory on software. The scheme is called $$\textsf {COFB}$$, for COmbined FeedBack. $$\textsf {COFB}$$ uses an n-bit blockcipher as the underlying primitive, and relies on the use of a nonce for security. In addition to the state required for executing the underlying blockcipher, $$\textsf {COFB}$$ needs only n / 2 bits state as a mask. Till date, for all existing constructions in which masks have been applied, at least n bit masks have been used. Thus, we have shown the possibility of reducing the size of a mask without degrading the security level much. Moreover, it requires one blockcipher call to process one input block. We show $$\textsf {COFB}$$ is provably secure up to $$O(2^{n/2}/n)$$ queries which is almost up to the standard birthday bound. We also present our hardware implementation results. Experimental implementation results suggest that our proposal has a good performance and the smallest footprint among all known blockcipher-based AE.
  title={Blockcipher-Based Authenticated Encryption: How Small Can We Go?},
  booktitle={Cryptographic Hardware and Embedded Systems – CHES 2017},
  series={Lecture Notes in Computer Science},
  author={Avik Chakraborti and Tetsu Iwata and Kazuhiko Minematsu and Mridul Nandi},