University of Surrey


Improved Masking for Tweakable Blockciphers with Applications to Authenticated Encryption

Granger, Robert, Jovanovic, Philipp, Mennink, Bart and Neves, Samuel (2016) Improved Masking for Tweakable Blockciphers with Applications to Authenticated Encryption In: 35th Annual International Conference on the Theory and Applications of Cryptographic Techniques, 08-12 May 2016, Vienna, Austria.

RG_paper.pdf - Accepted version Manuscript



A popular approach to tweakable blockcipher design is via masking, where a certain primitive (a blockcipher or a permutation) is preceded and followed by an easy-to-compute tweak-dependent mask. In this work, we revisit the principle of masking. We do so alongside the introduction of the tweakable Even-Mansour construction MEM. Its masking function combines the advantages of word-oriented LFSR- and powering-up-based methods. We show in particular how recent advancements in computing discrete logarithms over finite fields of characteristic 2 can be exploited in a constructive way to realize highly efficient, constant-time masking functions. If the masking satisfies a set of simple conditions, then MEM is a secure tweakable blockcipher up to the birthday bound. The strengths of MEM are exhibited by the design of fully parallelizable authenticated encryption schemes OPP (nonce-respecting) and MRO (misuse-resistant). If instantiated with a reduced-round BLAKE2b permutation, OPP and MRO achieve speeds up to 0.55 and 1.06 cycles per byte on the Intel Haswell microarchitecture, and are able to significantly outperform their closest competitors.

Item Type: Conference or Workshop Item (Conference Paper)
Divisions : Faculty of Engineering and Physical Sciences > Computing Science
Authors :
Jovanovic, Philipp
Mennink, Bart
Neves, Samuel
Date : 28 April 2016
DOI : 10.1007/978-3-662-49890-3_11
Copyright Disclaimer : © International Association for Cryptologic Research 2016
Uncontrolled Keywords : Tweakable Even-Mansour; Masking; Optimization; Discrete logarithms; Authenticated encryption; BLAKE2
Depositing User : Clive Harris
Date Deposited : 07 Feb 2019 10:30
Last Modified : 16 Apr 2019 16:16


