Context-committing security of leveled leakage-resilient AEAD

During recent years, research on authenticated encryption has been thriving through two highly active and practically motivated research directions: provable leakage resilience and key- or context-commitment security. However, the intersection of both fields had been overlooked until very recently. I...

Bibliographic Details
Main Authors: Dhar, Chandranan, Ethan, Jordan, Jejurikar, Ravindra, Khairallah, Mustafa, List, Eik, Mandal, Sougata
Other Authors: School of Physical and Mathematical Sciences
Format: Article
Language: English
Published: 2024
Subjects:
Online Access: https://hdl.handle.net/10356/181718
Institution: Nanyang Technological University
id sg-ntu-dr.10356-181718
record_format dspace
spelling sg-ntu-dr.10356-1817182024-12-16T15:35:52Z Context-committing security of leveled leakage-resilient AEAD Dhar, Chandranan Ethan, Jordan Jejurikar, Ravindra Khairallah, Mustafa List, Eik Mandal, Sougata School of Physical and Mathematical Sciences Mathematical Sciences Authenticated encryption Provable security During recent years, research on authenticated encryption has been thriving through two highly active and practically motivated research directions: provable leakage resilience and key- or context-commitment security. However, the intersection of both fields had been overlooked until very recently. In ToSC 1/2024, Struck and Weishäupl studied generic compositions of encryption schemes and message authentication codes for building committing leakage-resilient schemes. They showed that, in general, Encrypt-then-MAC (EtM) and MAC-then-Encrypt (MtE) are not committing while Encrypt-and-MAC (EaM) is, under plausible and weak assumptions on the components. However, real-world schemes are rarely strict blackbox constructions. Instead, while various leakage-resilient schemes follow blueprints inspired by generic compositions, they often tweak them for security or efficiency. In this paper, we study two blueprints, the first one based on EtM for one of the strongest possible levels of leakage resilience. The second one is a single-pass framework based on leveled implementations. We show that, with a careful selection of the underlying primitives such as with identical encryption and authentication keys and a collision-resistant PRF as the MAC, these blueprints are committing. Our results do not contradict the results by Struck and Weishäupl since we pose more, but practically-motivated, requirements on the components. 
We demonstrate the practical relevance of our results by showing that our results on those blueprints allow us to easily derive proofs that several state-of-the-art leakage-resilient schemes are indeed committing, including TEDT and its descendants TEDT2 and Romulus-T, as well as the single-pass scheme Triplex. Published version Mustafa Khairallah is funded by the Wallenberg-NTU Postdoctoral Presidential Fellowship. Eik List has been supported by Deutsche Forschungsgemeinschaft (DFG, German Research Foundation) – LI 4223/1-1. 2024-12-16T01:50:56Z 2024-12-16T01:50:56Z 2024 Journal Article Dhar, C., Ethan, J., Jejurikar, R., Khairallah, M., List, E. & Mandal, S. (2024). Context-committing security of leveled leakage-resilient AEAD. IACR Transactions On Symmetric Cryptology, 2024(2), 348-370. https://dx.doi.org/10.46586/tosc.v2024.i2.348-370 2519-173X https://hdl.handle.net/10356/181718 10.46586/tosc.v2024.i2.348-370 2-s2.0-85197282999 2 2024 348 370 en IACR Transactions on Symmetric Cryptology © 2024 Chandranan Dhar, Jordan Ethan, Ravindra Jejurikar, Mustafa Khairallah, Eik List, Sougata Mandal. Licensed under Creative Commons License CC-BY 4.0. application/pdf
institution Nanyang Technological University
building NTU Library
continent Asia
country Singapore
Singapore
content_provider NTU Library
collection DR-NTU
language English
topic Mathematical Sciences
Authenticated encryption
Provable security
spellingShingle Mathematical Sciences
Authenticated encryption
Provable security
Dhar, Chandranan
Ethan, Jordan
Jejurikar, Ravindra
Khairallah, Mustafa
List, Eik
Mandal, Sougata
Context-committing security of leveled leakage-resilient AEAD
description During recent years, research on authenticated encryption has been thriving through two highly active and practically motivated research directions: provable leakage resilience and key- or context-commitment security. However, the intersection of both fields had been overlooked until very recently. In ToSC 1/2024, Struck and Weishäupl studied generic compositions of encryption schemes and message authentication codes for building committing leakage-resilient schemes. They showed that, in general, Encrypt-then-MAC (EtM) and MAC-then-Encrypt (MtE) are not committing while Encrypt-and-MAC (EaM) is, under plausible and weak assumptions on the components. However, real-world schemes are rarely strict blackbox constructions. Instead, while various leakage-resilient schemes follow blueprints inspired by generic compositions, they often tweak them for security or efficiency. In this paper, we study two blueprints, the first one based on EtM for one of the strongest possible levels of leakage resilience. The second one is a single-pass framework based on leveled implementations. We show that, with a careful selection of the underlying primitives such as with identical encryption and authentication keys and a collision-resistant PRF as the MAC, these blueprints are committing. Our results do not contradict the results by Struck and Weishäupl since we pose more, but practically-motivated, requirements on the components. We demonstrate the practical relevance of our results by showing that our results on those blueprints allow us to easily derive proofs that several state-of-the-art leakage-resilient schemes are indeed committing, including TEDT and its descendants TEDT2 and Romulus-T, as well as the single-pass scheme Triplex.
author2 School of Physical and Mathematical Sciences
author_facet School of Physical and Mathematical Sciences
Dhar, Chandranan
Ethan, Jordan
Jejurikar, Ravindra
Khairallah, Mustafa
List, Eik
Mandal, Sougata
format Article
author Dhar, Chandranan
Ethan, Jordan
Jejurikar, Ravindra
Khairallah, Mustafa
List, Eik
Mandal, Sougata
author_sort Dhar, Chandranan
title Context-committing security of leveled leakage-resilient AEAD
title_short Context-committing security of leveled leakage-resilient AEAD
title_full Context-committing security of leveled leakage-resilient AEAD
title_fullStr Context-committing security of leveled leakage-resilient AEAD
title_full_unstemmed Context-committing security of leveled leakage-resilient AEAD
title_sort context-committing security of leveled leakage-resilient aead
publishDate 2024
url https://hdl.handle.net/10356/181718
_version_ 1819113017391972352