International Association for Cryptologic Research


AES-LBBB: AES Mode for Lightweight and BBB-Secure Authenticated Encryption

Yusuke Naito, Mitsubishi Electric Corporation, Kanagawa, Japan
Yu Sasaki, NTT Secure Platform Laboratories, Tokyo, Japan
Takeshi Sugawara, The University of Electro-Communications, Tokyo, Japan
DOI: 10.46586/tches.v2021.i3.298-333
Abstract: In this paper, a new lightweight authenticated encryption scheme AES-LBBB is proposed, which was designed to provide backward compatibility with advanced encryption standard (AES) as well as high security and low memory. The primary design goal, backward compatibility, is motivated by the fact that AES accelerators are now very common for devices in the field; we are interested in designing an efficient and highly secure mode of operation that exploits the best of those AES accelerators. Backward compatibility receives little attention in the NIST lightweight cryptography standardization process, in which only 3 out of 32 round-2 candidates are based on AES. Our mode, LBBB, is inspired by the design of ALE in the sense that the internal state size is a minimum 2n bits when using a block cipher of length n bits for the key and data. Unfortunately, there is no security proof of ALE, and forgery attacks have been found on ALE. In LBBB, we introduce an additional feed from block cipher’s output to the key state via a certain permutation λ, which enables us to prove beyond-birthday-bound (BBB) security. We then specify its AES instance, AES-LBBB, and evaluate its performance for (i) software implementation on a microcontroller with an AES coprocessor and (ii) hardware implementation for an application-specific integrated circuit (ASIC) to show that AES-LBBB performs better than the current state-of-the-art Remus-N2 with AES-128.
Video from TCHES 2021
  title={AES-LBBB: AES Mode for Lightweight and BBB-Secure Authenticated Encryption},
  journal={IACR Transactions on Cryptographic Hardware and Embedded Systems},
  publisher={Ruhr-Universität Bochum},
  volume={2021, Issue 3},
  author={Yusuke Naito and Yu Sasaki and Takeshi Sugawara},