Fides: Lightweight Authenticated Cipher with Side-Channel Resistance for Constrained Hardware
نویسندگان
چکیده
In this paper, we present a novel lightweight authenticated cipher optimized for hardware implementations called Fides. It is an online nonce-based authenticated encryption scheme with authenticated data whose area requirements are as low as 793 GE and 1001 GE for 80-bit and 96-bit security, respectively. This is at least two times smaller than its closest competitors Hummingbird-2 and Grain-128a. While being extremely compact, Fides is both throughput and latency efficient, even in its most serial implementations. This is attained by our novel sponge-like design approach. Moreover, cryptographically optimal 5-bit and 6-bit S-boxes are used as basic nonlinear components while paying a special attention on the simplicity of providing first order side-channel resistance with threshold implementation.
منابع مشابه
COFFE: Ciphertext Output Feedback Faithful Encryption On-Line Authenticated Encryption Without a Block Cipher
In this paper we introduce the first authenticated encryption scheme based on a hash function, called COFFE. This research has been motivated by the challenge to fit secure cryptography into constrained devices – some of these devices have to use a hash function, anyway, and the challenge is to avoid the usage of an additional block cipher to provide authenticated encryption. COFFE satisfies th...
متن کاملCPA on COLM Authenticated Cipher and the Protection Using Domain-Oriented Masking
Authenticated encryption schemes are important cryptographic primitives that received extensive attention recently. They can provide both confidentiality and authenticity services, simultaneously. Correlation power analysis (CPA) can be a thread for authenticated ciphers, similar to the any physical implementation of any other cryptographic scheme. In this paper, a three-step CPA attack against...
متن کاملCryptanalysis of FIDES
FIDES is a lightweight authenticated cipher, presented at CHES 2013. The cipher has two version, providing either 80-bit or 96bit security. In this paper, we describe internal state-recovery attacks on both versions of FIDES, and show that once we recover the internal state, we can use it to immediately forge any message. Our attacks are based on a guess-and-determine algorithm, exploiting the ...
متن کاملAn Ultra-Lightweight Side-Channel Resistant Crypto for Pervasive Devices
Lightweight cryptography is equipped as security component, to secure those pervasive devices that are security and privacy sensitive. It has been conclusively proven that unprotected cryptographic implementations are vulnerable to side-channel attacks. In practice, area resource smaller than 3,000GE (5,000GE sometimes) may be available for security components in pervasive devices. This paper p...
متن کاملLeakage-Resilient and Misuse-Resistant Authenticated Encryption
Leakage-resilience and misuse-resistance are two important properties for the deployment of authenticated encryption schemes. They aim at mitigating the impact of implementation flaws due to side-channel leakages and misused randomness. In this paper, we discuss their interactions and incompatibilities. For this purpose, we first show a generic composition mode of a MAC with an encryption schem...
متن کامل