International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Paper: TEDT, a Leakage-Resist AEAD Mode for High Physical Security Applications

Authors:
Francesco Berti , ICTEAM/ELEN/Crypto Group, UCL, Louvain-la-Neuve, Belgium
Chun Guo , ICTEAM/ELEN/Crypto Group, UCL, Louvain-la-Neuve, Belgium; School of Cyber Science and Technology and Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University
Olivier Pereira , ICTEAM/ELEN/Crypto Group, UCL, Louvain-la-Neuve, Belgium
Thomas Peters , ICTEAM/ELEN/Crypto Group, UCL, Louvain-la-Neuve, Belgium
François-Xavier Standaert , ICTEAM/ELEN/Crypto Group, UCL, Louvain-la-Neuve, Belgium
Download:
DOI: 10.13154/tches.v2020.i1.256-320
URL: https://tches.iacr.org/index.php/TCHES/article/view/8400
Search ePrint
Search Google
Abstract: We propose TEDT, a new Authenticated Encryption with Associated Data (AEAD) mode leveraging Tweakable Block Ciphers (TBCs). TEDT provides the following features: (i) It offers full leakage-resistance, that is, it limits the exploitability of physical leakages via side-channel attacks, even if these leakages happen during every message encryption and decryption operation. Moreover, the leakage integrity bound is asymptotically optimal in the multi-user setting. (ii) It offers nonce misuse-resilience, that is, the repetition of nonces does not impact the security of ciphertexts produced with fresh nonces. (iii) It can be implemented with a remarkably low energy cost when strong resistance to side-channel attacks is needed, supports online encryption and handles static and incremental associated data efficiently. Concretely, TEDT encourages so-called leveled implementations, in which two TBCs are implemented: the first one needs strong and energy demanding protections against side-channel attacks but is used in a limited way, while the other only requires weak and energy-efficient protections and performs the bulk of the computation. As a result, TEDT leads to more energy-efficient implementations compared to traditional AEAD schemes, whose side-channel security requires to uniformly protect every (T)BC execution.
BibTeX
@article{tches-2019-29962,
  title={TEDT, a Leakage-Resist AEAD Mode for High Physical Security Applications},
  journal={IACR Transactions on Cryptographic Hardware and Embedded Systems},
  publisher={Ruhr-Universität Bochum},
  volume={2020, Issue 1},
  pages={256-320},
  url={https://tches.iacr.org/index.php/TCHES/article/view/8400},
  doi={10.13154/tches.v2020.i1.256-320},
  author={Francesco Berti and Chun Guo and Olivier Pereira and Thomas Peters and François-Xavier Standaert},
  year=2019
}