International Association for Cryptologic Research

CryptoDB

SUNDAE: Small Universal Deterministic Authenticated Encryption for the Internet of Things

Authors:
Subhadeep Banik, LASEC, École Polytechnique Fédérale de Lausanne
Andrey Bogdanov, Technical University of Denmark
Atul Luykx, Visa Research
Elmar Tischhauser, Technical University of Denmark
Download:
DOI: 10.13154/tosc.v2018.i3.1-35
URL: https://tosc.iacr.org/index.php/ToSC/article/view/7296
Presentation: Slides
Abstract: Lightweight cryptography was developed in response to the increasing need to secure devices for the Internet of Things. After significant research effort, many new block ciphers have been designed targeting lightweight settings, optimizing efficiency metrics which conventional block ciphers did not. However, block ciphers must be used in modes of operation to achieve more advanced security goals such as data confidentiality and authenticity, a research area given relatively little attention in the lightweight setting. We introduce a new authenticated encryption (AE) mode of operation, SUNDAE, specially targeted for constrained environments. SUNDAE is smaller than other known lightweight modes in implementation area, such as CLOC, JAMBU, and COFB, however unlike these modes, SUNDAE is designed as a deterministic authenticated encryption (DAE) scheme, meaning it provides maximal security in settings where proper randomness is hard to generate, or secure storage must be minimized due to expense. Unlike other DAE schemes, such as GCM-SIV, SUNDAE can be implemented efficiently on both constrained devices, as well as the servers communicating with those devices. We prove SUNDAE secure relative to its underlying block cipher, and provide an extensive implementation study, with results in both software and hardware, demonstrating that SUNDAE offers improved compactness and power consumption in hardware compared to other lightweight AE modes, while simultaneously offering comparable performance to GCM-SIV on parallel high-end platforms.
Video from TOSC 2018
BibTeX
@article{tosc-2018-29234,
  title={SUNDAE: Small Universal Deterministic Authenticated Encryption for the Internet of Things},
  journal={IACR Transactions on Symmetric Cryptology},
  publisher={Ruhr-Universität Bochum},
  volume={2018, Issue 3},
  pages={1-35},
  url={https://tosc.iacr.org/index.php/ToSC/article/view/7296},
  doi={10.13154/tosc.v2018.i3.1-35},
  author={Subhadeep Banik and Andrey Bogdanov and Atul Luykx and Elmar Tischhauser},
  year=2018
}