Skip to main content
SpringerLink
Log in
Book cover

International Conference on Cryptology in India

INDOCRYPT 2022: Progress in Cryptology – INDOCRYPT 2022 pp 195–219Cite as

\({\textsf {ISAP}{+}}\): \(\textsf {ISAP} \) with Fast Authentication

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13774))

Abstract

This paper analyses the lightweight, sponge-based NAEAD mode \(\textsf {ISAP} \), one of the finalists of the NIST Lightweight Cryptography (LWC) standardisation project, that achieves high-throughput with inherent protection against differential power analysis (DPA). We observe that \(\textsf {ISAP} \) requires 256-bit capacity in the authentication module to satisfy the NIST LWC security criteria. In this paper, we study the analysis carefully and observe that this is primarily due to the collision in the associated data part of the hash function which can be used in the forgery of the mode. However, the same is not applicable to the ciphertext part of the hash function because a collision in the ciphertext part does not always lead to a forgery. In this context, we define a new security notion, named \({\textsf {2PI{+}}}\) security, which is a strictly stronger notion than the collision security, and show that the security of a class of encrypt-then-hash based MAC type of authenticated encryptions, that includes \(\textsf {ISAP} \), reduces to the \({\textsf {2PI{+}}}\) security of the underlying hash function used in the authentication module. Next we investigate and observe that a feed-forward variant of the generic sponge hash achieves better \({\textsf {2PI{+}}}\) security as compared to the generic sponge hash. We use this fact to present a close variant of \(\textsf {ISAP} \), named \({\textsf {ISAP}{+}}\), which is structurally similar to \(\textsf {ISAP} \), except that it uses the feed-forward variant of the generic sponge hash in the authentication module. This improves the overall security of the mode, and hence we can set the capacity of the ciphertext part to 192 bits (to achieve a higher throughput) and yet satisfy the NIST LWC security criteria.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   89.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   119.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. National Institute of Standards and Technology: FIPS PUB 202: SHA-3Standard: Permutation-based hash and extendable-output functions. Federal Information Processing Standards Publication 202, U.S. Department of Commerce, August 2015

    Google Scholar 

  2. Andreeva, E., et al.: PRIMATEs v1.02. Submission to CAESAR (2016). https://competitions.cr.yp.to/round2/primatesv102.pdf

  3. Andreeva, E., Daemen, J., Mennink, B., Van Assche, G.: Security of keyed sponge constructions using a modular proof approach. In: Leander, G. (ed.) FSE 2015. LNCS, vol. 9054, pp. 364–384. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48116-5_18

    Chapter  Google Scholar 

  4. Belaïd, S., et al.: Towards fresh re-keying with leakage-resilient PRFs: cipher design principles and analysis. J. Cryptogr. Eng. 4(3), 157–171 (2014)

    Google Scholar 

  5. Bellare, M., Namprempre, C.: Authenticated encryption: relations among notions and analysis of the generic composition paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 531–545. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-44448-3_41

    Chapter  Google Scholar 

  6. Bernstein, D.J.: ChaCha, a variant of Salsa20 (2008)

    Google Scholar 

  7. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Sponge functions, 2007. In: Ecrypt Hash Workshop (2007)

    Google Scholar 

  8. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: On the indifferentiability of the sponge construction. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 181–197. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78967-3_11

    Chapter  Google Scholar 

  9. Bertoni, G., Daemen, M.P.J., Van Assche, G., Van Keer, R.: Ketje v2. Submission to CAESAR (2016). https://competitions.cr.yp.to/round3/ketjev2.pdf

  10. Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: Kaliski, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997). https://doi.org/10.1007/BFb0052259

    Chapter  Google Scholar 

  11. Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of checking cryptographic protocols for faults. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 37–51. Springer, Heidelberg (1997). https://doi.org/10.1007/3-540-69053-0_4

    Chapter  Google Scholar 

  12. Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_26

    Chapter  Google Scholar 

  13. Dobraunig, C., Eichlseder, M., Mendel, F., Schläffer, M.: Ascon v1.2. Submission to NIST Lightweight Cryptography, 2019 (2019). https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/finalist-round/updated-spec-doc/ascon-spec-final.pdf

  14. Dobraunig, C., et al.: ISAP v2.0. Submission to NIST (2019). https://csrc.nist.gov/CSRC/media/Projects/Lightweight-Cryptography/documents/round-1/spec-doc/ISAP-spec.pdf

  15. CAESAR Committee: CAESAR: Competition for Authenticated Encryption: Security, Applicability, and Robustness. http://competitions.cr.yp.to/caesar.html/

  16. Daemen, J., Rijmen, V.: The Design of Rijndael: AES - The Advanced Encryption Standard. Information Security and Cryptography, Springer, Heidelberg (2002). https://doi.org/10.1007/978-3-662-04722-4

    Book  MATH  Google Scholar 

  17. Dobraunig, C., et al.: ISAP v2.0. https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/finalist-round/updated-spec-doc/isap-spec-final.pdf

  18. Dobraunig, C., et al.: ISAP v2.0. IACR Trans. Symmetric Cryptol. 2020(S1), 390–416 (2020)

    Google Scholar 

  19. Dobraunig, C., Eichlseder, M., Mangard, S., Mendel, F., Unterluggauer, T.: ISAP - towards side-channel secure authenticated encryption. IACR Trans. Symmetric Cryptol. 2017(1), 80–105 (2017)

    Article  Google Scholar 

  20. Dobraunig, C., Eichlseder, M., Mendel, F., Schläffer, M., Ascon v1.2. Submission to CAESAR (2016). https://competitions.cr.yp.to/round3/asconv12.pdf

  21. Gérard, B., Grosso, V., Naya-Plasencia, M., Standaert, F.-X.: Block ciphers that are easier to mask: how far can we go? In: Bertoni, G., Coron, J.-S. (eds.) CHES 2013. LNCS, vol. 8086, pp. 383–399. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40349-1_22

    Chapter  Google Scholar 

  22. Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions. J. ACM 33(4), 792–807 (1986)

    Article  MathSciNet  MATH  Google Scholar 

  23. Goubin, L., Patarin, J.: DES and differential power analysis the “duplication’’ method. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 158–172. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48059-5_15

    Chapter  MATH  Google Scholar 

  24. Grosso, V., et al.: SCREAM side-channel resistant authenticated encryption with masking. Submission to CAESAR (2015). https://competitions.cr.yp.to/round2/screamv3.pdf

  25. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: The Keccak reference (version 3.0) (2011). https://keccak.team/files/Keccak-reference-3.0.pdf

  26. Daemen, J., Peeters, M., Van Assche, G., Rijmen, V.: The NOEKEON block cipher, 2000. Nessie Proposal (2020). https://competitions.cr.yp.to/round3/acornv3.pdf

  27. Kocher, P.C.: Timing Attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-68697-5_9

    Chapter  Google Scholar 

  28. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_25

    Chapter  Google Scholar 

  29. Medwed, M., Petit, C., Regazzoni, F., Renauld, M., Standaert, F.-X.: Fresh re-keying II: securing multiple parties against side-channel and fault attacks. In: Prouff, E. (ed.) CARDIS 2011. LNCS, vol. 7079, pp. 115–132. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-27257-8_8

    Chapter  Google Scholar 

  30. Medwed, M., Standaert, F.-X., Großschädl, J., Regazzoni, F.: Fresh re-keying: security against side-channel and fault attacks for low-cost devices. In: Bernstein, D.J., Lange, T. (eds.) AFRICACRYPT 2010. LNCS, vol. 6055, pp. 279–296. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-12678-9_17

    Chapter  Google Scholar 

  31. NIST: Lightweight cryptography. https://csrc.nist.gov/Projects/Lightweight-Cryptography

  32. Patarin, J.: The “coefficients H’’ technique. In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) SAC 2008. LNCS, vol. 5381, pp. 328–345. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04159-4_21

    Chapter  Google Scholar 

  33. Piret, G., Roche, T., Carlet, C.: PICARO – a block cipher allowing efficient higher-order side-channel resistance. In: Bao, F., Samarati, P., Zhou, J. (eds.) ACNS 2012. LNCS, vol. 7341, pp. 311–328. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-31284-7_19

    Chapter  Google Scholar 

Download references

Acknowledgement

The authors would like to thank all the anonymous reviewers for their valuable comments and suggestions. Cuauhtemoc Mancillas López is partially supported by the Cryptography Research Center of the Technology Innovation Institute (TII), Abu Dhabi (UAE), under the TII- Cuauhtemoc project.

Author information

Authors and Affiliations

  1. Indian Statistical Institute, Kolkata, India

    Arghya Bhattacharjee & Mridul Nandi

  2. TCG Centres for Research and Education in Science and Technology, Kolkata, India

    Avik Chakraborti & Nilanjan Datta

  3. Computer Science Department, CINVESTAV-IPN, Mexico City, Mexico

    Cuauhtemoc Mancillas-López

Authors
  1. Arghya Bhattacharjee
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Avik Chakraborti
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Nilanjan Datta
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Cuauhtemoc Mancillas-López
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Mridul Nandi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Nilanjan Datta .

Editor information

Editors and Affiliations

  1. University of Hyogo, Hyogo, Japan

    Takanori Isobe

  2. Indian Institute of Technology Madras, Chennai, India

    Santanu Sarkar

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Bhattacharjee, A., Chakraborti, A., Datta, N., Mancillas-López, C., Nandi, M. (2022). \({\textsf {ISAP}{+}}\): \(\textsf {ISAP} \) with Fast Authentication. In: Isobe, T., Sarkar, S. (eds) Progress in Cryptology – INDOCRYPT 2022. INDOCRYPT 2022. Lecture Notes in Computer Science, vol 13774. Springer, Cham. https://doi.org/10.1007/978-3-031-22912-1_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-22912-1_9

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-22911-4

  • Online ISBN: 978-3-031-22912-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation