Presentation

Efficient Instances of Docked Double Decker With AES, and Application to Authenticated Encryption

June 21, 2024

Presenters

Christoph Dobraunig - Intel Labs

Description

A tweakable wide blockcipher is a construction which behaves in the same way as a tweakable blockcipher, with the difference that the actual block size is flexible. Due to this feature, a tweakable wide blockcipher can be directly used as a strong encryption scheme that provides full diffusion when encrypting plaintexts to ciphertexts and vice versa. Furthermore, it can be the basis of authenticated encryption schemes fulfilling the strongest security notions. In this paper, we present three instantiations of the docked double decker tweakable wide blockcipher: ddd-AES, ddd-AES+, and bbb-ddd-AES. These instances exclusively use similar building blocks as AES-GCM (AES and finite field multiplication), are designed for maximal parallelism, and hence, can make efficient use of existing hardware accelerators. ddd-AES is a birthday bound secure scheme, and ddd-AES+ is an immediate generalization to allow for variable length tweaks. bbb-ddd-AES achieves security beyond the birthday bound provided that the same tweak is not used too often. Moreover, bbb-ddd-AES builds upon a novel conditionally beyond birthday bound secure pseudorandom function, a tweakable variant of the XOR of permutations, facilitating in the need to include a tweak in the AES evaluations without sacrificing flexibility in docked double decker. We furthermore introduce an authenticated encryption mode aaa specifically tailored to be instantiated with ddd-AES and bbb-ddd-AES, where special attention is given to how the nonce and associated data can be processed. We prove that this mode is secure in the nonce-respecting setting, in the nonce-misuse setting, as well as in the setting where random nonces are used.

Presented at

Workshop on the Requirements for an Accordion Cipher Mode 2024

Event Details

Location

    National Cybersecurity Center of Excellence (NCCoE)
    9700 Great Seneca Highway
    Rockville, MD 20850

Related Topics

Security and Privacy: encryption

Created June 20, 2024, Updated June 21, 2024