Parallel, sponge-based authenticated encryption with side-channel protection and adversary-invisible nonces / Mohamud Ahmed Jimale

Mohamud Ahmed, Jimale (2023) Parallel, sponge-based authenticated encryption with side-channel protection and adversary-invisible nonces / Mohamud Ahmed Jimale. PhD thesis, Universiti Malaya.


      Abstract

      Since its birth in 2000, Authenticated Encryption (AE) has been a hot research topic. AE plays a crucial role in secure communications today, since it is the backbone of standard secure communication protocols such as SSH, SSL, and TLS. In this regard, many new features have been proposed to boost its security, efficiency, or performance. AE is a cryptographic scheme that simultaneously provides two essential security services: confidentiality and authenticity. The block cipher has been the dominant underlying primitive for constructing AE schemes, with a few others such as stream ciphers and compression functions. The sponge construction is a cryptographic primitive that emerged in 2007 and was first used for AE in 2011. It relies on an iterated permutation or transformation that can be used to implement reseedable pseudorandom generators, hashing, and AE schemes. Sponge-based AE schemes provide functional characteristics such as parallelizability, incrementality, and being online. They also offer security features for protection against active or passive adversaries. However, parallel sponge-based AE schemes are not protected against side-channel attacks (SCAs) such as simple power analysis (SPA) and differential power analysis (DPA), while the sponge-based AE schemes that do protect against such attacks are serial and cannot be parallelized. Furthermore, sponge-based AE schemes handle nonces in a way that could allow misuse, so sponge-based AE schemes that hide the nonce from adversaries are also an open problem.

      This work aims to bridge these gaps by proposing a parallel sponge-based AE with side-channel protection and adversary-invisible nonces (PSASPIN), using parallel fresh rekeying and the duplex mode of the sponge construction. A leveled implementation is used: the key-generation part is implemented with a pseudorandom function (PRF) based on Galois field multiplication, and the data-processing (rekeyed) part is implemented with the sponge-based duplex mode. Finally, a security proof of the proposed scheme is given using game-based arguments and the PRP/PRF switching lemma, and its performance is analyzed. The analysis demonstrates the effectiveness of the proposed scheme in terms of security and performance: the security analysis shows that the scheme is secure in the ideal permutation model, and the performance analysis shows that it is comparable to existing sponge-based AE schemes when processing larger message sizes, despite offering a unique combination of SCA protection, nonce-obliviousness, and parallelism.
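The construction the abstract outlines, as an added Python illustration that is not code from the thesis or from PSASPIN: a GF(2^128) multiplication PRF derives a single-use key per block from the master key and the nonce (the fresh-rekeying part that a leveled implementation protects most heavily), and each block is then processed by an independent duplex call whose only shared input is that per-block key. The 128-bit ARX permutation, the 8-byte rate, the nonce-XOR-index rekeying input and the XOR-of-shares tag combination are all assumptions made for this example rather than the thesis's choices; the permutation is a placeholder and the result is a structural demonstration, not a secure AE. The last function shows why the nonce handling the abstract calls an open problem matters even with fresh rekeying: reusing a nonce reproduces every per-block key and leaks the XOR of the two plaintexts.

```python
# Added example (not the thesis's PSASPIN code): fresh rekeying through a
# GF(2^128) multiplication PRF feeding per-block duplex-mode processing.
# The permutation, the rekeying-input derivation, the rate/capacity split and
# the tag combination are assumptions made for this illustration.
from __future__ import annotations
import hmac

ONE = 1 << 127          # field element "1" in GHASH bit ordering
R = 0xE1 << 120         # reduction constant for x^128 + x^7 + x^2 + x + 1
RATE, TAGLEN = 8, 16    # bytes of state exposed per duplex call; tag size (assumed)
MASK32 = 0xFFFFFFFF


def gf128_mul(x: int, y: int) -> int:
    """Multiply in GF(2^128) with the GCM/GHASH polynomial and bit order."""
    z, v = 0, y
    for i in range(127, -1, -1):
        if (x >> i) & 1:
            z ^= v
        v = (v >> 1) ^ R if v & 1 else v >> 1
    return z


def _rotl(v: int, n: int) -> int:
    return ((v << n) | (v >> (32 - n))) & MASK32


def toy_perm(state: bytes) -> bytes:
    """Placeholder 128-bit ARX permutation standing in for a real sponge
    permutation such as Keccak-p: invertible, but NOT cryptographically evaluated."""
    a, b, c, d = (int.from_bytes(state[i:i + 4], "little") for i in range(0, 16, 4))
    for rnd in range(12):
        a = (a + b) & MASK32; d = _rotl(d ^ a, 16)
        c = (c + d) & MASK32; b = _rotl(b ^ c, 12)
        a = (a + b) & MASK32; d = _rotl(d ^ a, 8)
        c = (c + d) & MASK32; b = _rotl(b ^ c, 7)
        a, b, c, d = b, c, d, a ^ rnd       # rotate words, inject round constant
    return b"".join(w.to_bytes(4, "little") for w in (a, b, c, d))


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def block_key(master: int, nonce: int, index: int) -> bytes:
    """Fresh-rekeying PRF: k_i = K * r_i in GF(2^128), with r_i = nonce XOR index.
    In a leveled implementation this multiplication is the heavily protected
    (masked) part; each k_i drives one duplex call, so DPA sees one trace per key."""
    return gf128_mul(master, nonce ^ index).to_bytes(16, "big")


def duplex_block(k_i: bytes, blk: bytes, inverse: bool = False) -> tuple[bytes, bytes]:
    """One duplex call under a single-use key: keystream comes from the rate and
    the ciphertext overwrites the rate before the next permutation (SpongeWrap
    style). Returns (output block, tag share); it reads no other block's state."""
    state = toy_perm(k_i)
    out = _xor(blk, state)                  # zip truncates to the block length
    c = blk if inverse else out             # the ciphertext is what gets absorbed
    state = toy_perm(c + state[len(c):])
    return out, state[:RATE]


def _finalize(master: int, nonce: int, length: int, shares: bytes) -> bytes:
    # Length goes into a domain-separated rekeying index (top bit set), so a
    # truncated message cannot reuse any data-block key.
    k_fin = block_key(master, nonce, (1 << 127) | length)
    return toy_perm(_xor(k_fin, shares + bytes(16 - RATE)))[:TAGLEN]


def _process(master: int, nonce: int, data: bytes, inverse: bool) -> tuple[bytes, bytes]:
    blocks = [data[i:i + RATE] for i in range(0, len(data), RATE)]
    # Each block uses its own k_i and shares no state with its neighbours, so a
    # pool.map over range(len(blocks)) gives the same result: that is the
    # parallelism that per-block rekeying buys.
    parts = [duplex_block(block_key(master, nonce, i), b, inverse) for i, b in enumerate(blocks)]
    shares = bytes(RATE)
    for _, t in parts:
        shares = _xor(shares, t)
    return b"".join(o for o, _ in parts), _finalize(master, nonce, len(data), shares)


def encrypt(master: int, nonce: int, msg: bytes) -> tuple[bytes, bytes]:
    return _process(master, nonce, msg, inverse=False)


def decrypt(master: int, nonce: int, ct: bytes, tag: bytes) -> bytes | None:
    msg, expected = _process(master, nonce, ct, inverse=True)
    if not hmac.compare_digest(tag, expected):
        return None                         # reject before releasing any plaintext
    return msg


def nonce_reuse_leak(master: int, nonce: int, m1: bytes, m2: bytes) -> bool:
    """Why nonce handling matters even with fresh rekeying: the same (K, nonce, i)
    yields the same k_i, hence the same keystream, so c1 XOR c2 == m1 XOR m2."""
    c1, _ = encrypt(master, nonce, m1)
    c2, _ = encrypt(master, nonce, m2)
    n = min(len(m1), len(m2))
    return _xor(c1[:n], c2[:n]) == _xor(m1[:n], m2[:n])
```

Call encrypt(K, N, msg) with 128-bit integers K and N; decrypt returns None on a tag mismatch and compares the tag before any plaintext is released. Because no duplex call reads another block's state, the per-block list comprehension in _process could be swapped for a process-pool map without changing the output, which is the property the abstract's parallelism claim rests on; what the example does not model is the thesis's hiding of the nonce from the adversary.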

      Item Type: Thesis (PhD)
      Additional Information: Thesis (PhD) – Faculty of Computer Science & Information Technology, Universiti Malaya, 2023.
      Uncontrolled Keywords: Integrity; Authenticated encryption; Authentication; Confidentiality; CAESAR competition; Message authentication code; NIST-LW competition; Cryptographic sponge function
      Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
      Divisions: Faculty of Computer Science & Information Technology
      Depositing User: Mr Mohd Safri Tahir
      Date Deposited: 13 Nov 2024 03:39
      Last Modified: 13 Nov 2024 03:39
      URI: http://studentsrepo.um.edu.my/id/eprint/15099
