
Sufficient Conditions on Padding Schemes of Sponge Construction and Sponge-Based Authenticated-Encryption Scheme

  • Conference paper
Progress in Cryptology - INDOCRYPT 2012 (INDOCRYPT 2012)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 7668)


Abstract

The sponge construction, designed by Bertoni, Daemen, Peeters, and Van Assche, is a hash domain extension that allows any hash-output size, and it has been adopted as the hash mode for several concrete hash algorithms. For security, its designers showed that the padding scheme is required to be injective and reversible, and that the last block of a padded message must be non-zero. However, we first show that if the output size is less than or equal to the one-block size, then any injective and reversible padding scheme is sufficient. In particular, if messages are restricted to sizes that are a multiple of the block length, we can take the identity function (which is also injective and reversible) as the padding scheme. Next, we look at the padding scheme of SpongeWrap, a sponge-based authenticated encryption scheme designed by the same authors. Since the padding scheme of SpongeWrap is inspired by that of the sponge construction, it calls an underlying padding scheme for every message block, where the underlying padding scheme is also required to be injective and reversible, with the last block of a padded message non-zero. In addition, the padding scheme of SpongeWrap includes frame bits for the privacy and authenticity of SpongeWrap, so it consists of the underlying padding scheme and the frame bits. Second, we show that the non-zero condition on the underlying padding scheme is redundant; in other words, any injective and reversible padding scheme is sufficient for the underlying padding scheme.
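The role of the non-zero last block and of the output size can be seen on a toy sponge. The following is an added example, not code from the paper: the Feistel permutation `toy_f`, the 8-byte rate and capacity, and the byte-level padding `pad_nonzero` are assumptions chosen for illustration. It checks the known relation that, with identity padding, the second output block of H(M) equals the first output block of H(M || 0^r).

```python
import hashlib

RATE, CAPACITY = 8, 8            # toy sizes in bytes (assumed, not from the paper)
WIDTH = RATE + CAPACITY

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def toy_f(state: bytes) -> bytes:
    """Toy permutation (assumed): 4-round Feistel with SHA-256 as round function."""
    left, right = state[:WIDTH // 2], state[WIDTH // 2:]
    for rnd in range(4):
        mask = hashlib.sha256(bytes([rnd]) + right).digest()[:len(left)]
        left, right = right, xor(left, mask)
    return left + right

def pad_identity(msg: bytes) -> bytes:
    """Identity padding, defined only for block-aligned messages."""
    if len(msg) % RATE:
        raise ValueError("identity padding needs a block-aligned message")
    return msg

def pad_nonzero(msg: bytes) -> bytes:
    """Byte-level analogue of 10* padding: the last block is never all-zero."""
    padded = msg + b"\x80"
    return padded + bytes(-len(padded) % RATE)

def sponge(msg: bytes, out_blocks: int, pad) -> list:
    state = bytes(WIDTH)
    padded = pad(msg)
    for i in range(0, len(padded), RATE):          # absorbing phase
        state = toy_f(xor(state, padded[i:i + RATE] + bytes(CAPACITY)))
    out = [state[:RATE]]                           # squeezing phase
    for _ in range(out_blocks - 1):
        state = toy_f(state)
        out.append(state[:RATE])
    return out

def shifted_output_relation(msg: bytes, pad) -> bool:
    """True if output block 2 of H(msg) equals output block 1 of H(msg || 0^r)."""
    return sponge(msg, 2, pad)[1] == sponge(msg + bytes(RATE), 1, pad)[0]

MSG = b"16-byte message!"  # constructed sample, two full blocks

if __name__ == "__main__":
    print("identity padding :", shifted_output_relation(MSG, pad_identity))
    print("non-zero padding :", shifted_output_relation(MSG, pad_nonzero))
    print("one-block outputs equal:",
          sponge(MSG, 1, pad_identity) == sponge(MSG + bytes(RATE), 1, pad_identity))
```

With a single output block the second squeeze never happens, so H(M) never exposes the value it shares with H(M || 0^r).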



Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Chang, D. (2012). Sufficient Conditions on Padding Schemes of Sponge Construction and Sponge-Based Authenticated-Encryption Scheme. In: Galbraith, S., Nandi, M. (eds) Progress in Cryptology - INDOCRYPT 2012. INDOCRYPT 2012. Lecture Notes in Computer Science, vol 7668. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34931-7_31


  • DOI: https://doi.org/10.1007/978-3-642-34931-7_31

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-34930-0

  • Online ISBN: 978-3-642-34931-7

  • eBook Packages: Computer Science (R0)