ABSTRACT
This paper presents AquaMZ, an authenticated encryption with associated data (AEAD) algorithm for IoT protocols. It focuses on the emerging intersection of IoT and symmetric cryptography, and the algorithm is optimized following lightweight design principles. Unlike other AEAD schemes that use a conventional generalized Feistel network, AquaMZ improves its underlying primitive with the diffusion switching mechanism (DSM) to strengthen its 336-bit internal state, so that it provides a security margin sufficient for IoT devices. The permutation of AquaMZ has a unique symmetrical structure; hence the encryption and decryption of AquaMZ are completely consistent and incur only a low cost. Furthermore, AquaMZ has a low hardware footprint and can be implemented easily on RFID, FPGA or other resource-constrained platforms. AquaMZ is a duplex-structure-based algorithm, is efficient in software, and is suitable for real-time and online communications. All members of the AquaMZ family not only encrypt plaintext and protect data integrity, but also provide high robustness against vulnerable implementations, and offer satisfactory flexibility. We list the features of the AquaMZ family and substantiate its security.
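The abstract describes AquaMZ as a duplex-structure AEAD built on a 336-bit permutation. The example below is added here to show how a duplex-mode AEAD is driven around such a permutation; it is not AquaMZ's code and not taken from the paper. The permutation `toy_permutation` is a stand-in with no security claim (AquaMZ's DSM-based generalized Feistel permutation is not specified in the abstract), and the 128-bit rate, key, nonce and tag sizes and the padding and domain-separation bytes are assumptions chosen for illustration. What the example does show accurately is the property the abstract highlights: in duplex mode the permutation is only ever evaluated in the forward direction, so encryption and decryption share one code path and differ only in which byte is written back into the rate.

```python
import hmac

STATE_BYTES = 42      # 336-bit state, the size the abstract gives for AquaMZ
RATE_BYTES = 16       # assumed rate: bytes absorbed/squeezed per permutation call
KEY_BYTES = 16        # assumed key, nonce and tag sizes (not from the paper)
NONCE_BYTES = 16
TAG_BYTES = 16
WORD_BITS = 56        # 6 x 56-bit words = 336 bits
MASK = (1 << WORD_BITS) - 1
ROUNDS = 8


def _rotl(x: int, n: int) -> int:
    return ((x << n) | (x >> (WORD_BITS - n))) & MASK


def toy_permutation(state: bytes) -> bytes:
    """Stand-in 336-bit permutation (NOT AquaMZ's). Each step rewrites one word as an
    invertible function of itself (add, rotate, xor with other words), so the map is a
    bijection, which is all the duplex mode needs; it is not cryptographically strong."""
    words = [int.from_bytes(state[7 * i:7 * i + 7], "little") for i in range(6)]
    for r in range(ROUNDS):
        for i in range(6):
            words[i] = (words[i] + words[(i + 1) % 6]) & MASK
            words[i] = _rotl(words[i], 7 + 5 * i) ^ words[(i + 2) % 6] ^ (r << (8 * i))
    return b"".join(w.to_bytes(7, "little") for w in words)


def _absorb(state: bytes, data: bytes) -> bytes:
    """Absorb data into the rate, one block per permutation call, with 10* padding.
    A final (possibly empty) padded block is always processed."""
    for i in range(len(data) // RATE_BYTES + 1):
        blk = data[i * RATE_BYTES:(i + 1) * RATE_BYTES]
        rate = bytearray(state[:RATE_BYTES])
        for j, b in enumerate(blk):
            rate[j] ^= b
        if len(blk) < RATE_BYTES:
            rate[len(blk)] ^= 0x80
        state = toy_permutation(bytes(rate) + state[RATE_BYTES:])
    return state


def _crypt(state: bytes, data: bytes, decrypt: bool):
    """Encrypt or decrypt in duplex mode. The rate acts as keystream; after each block the
    rate holds the ciphertext block in both directions, so the permutation runs forward only."""
    out = bytearray()
    for i in range(len(data) // RATE_BYTES + 1):
        blk = data[i * RATE_BYTES:(i + 1) * RATE_BYTES]
        rate = bytearray(state[:RATE_BYTES])
        for j, b in enumerate(blk):
            o = rate[j] ^ b
            out.append(o)
            rate[j] = b if decrypt else o      # ciphertext byte is written back either way
        if len(blk) < RATE_BYTES:
            rate[len(blk)] ^= 0x80
        state = toy_permutation(bytes(rate) + state[RATE_BYTES:])
    return state, bytes(out)


def _init(key: bytes, nonce: bytes) -> bytes:
    if len(key) != KEY_BYTES or len(nonce) != NONCE_BYTES:
        raise ValueError("bad key or nonce length")
    # Load key || nonce into the state, zero-fill the remainder, and run one permutation.
    state = key + nonce + bytes(STATE_BYTES - KEY_BYTES - NONCE_BYTES)
    return toy_permutation(state)


def _finalize(state: bytes, key: bytes) -> bytes:
    # Domain-separate the tag phase, fold the key back in, and read the tag from the capacity.
    state = bytearray(state)
    state[-1] ^= 0x02
    for j, b in enumerate(key):
        state[RATE_BYTES + j] ^= b
    return toy_permutation(bytes(state))[-TAG_BYTES:]


def aead_encrypt(key: bytes, nonce: bytes, ad: bytes, plaintext: bytes) -> bytes:
    """Returns ciphertext || tag."""
    state = _absorb(_init(key, nonce), ad)
    state = state[:-1] + bytes([state[-1] ^ 0x01])   # separate AD from message phase
    state, ct = _crypt(state, plaintext, decrypt=False)
    return ct + _finalize(state, key)


def aead_decrypt(key: bytes, nonce: bytes, ad: bytes, ct_and_tag: bytes):
    """Returns the plaintext, or None if the tag does not verify (nothing is released early)."""
    if len(ct_and_tag) < TAG_BYTES:
        return None
    ct, tag = ct_and_tag[:-TAG_BYTES], ct_and_tag[-TAG_BYTES:]
    state = _absorb(_init(key, nonce), ad)
    state = state[:-1] + bytes([state[-1] ^ 0x01])
    state, pt = _crypt(state, ct, decrypt=True)
    if not hmac.compare_digest(_finalize(state, key), tag):
        return None
    return pt
```

Only the permutation would need replacing to turn this skeleton into a real scheme; the mode logic (absorb AD, domain-separate, duplex the message, finalize to a tag, constant-time tag check before releasing plaintext) is the part that a lightweight duplex AEAD such as the one the abstract describes has to get right regardless of the primitive.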