Reference : Lightweight AEAD and Hashing using the Sparkle Permutation Family
Scientific journals : Article
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/41993
English
Beierle, Christof [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) ; Ruhr University Bochum > Horst Görtz Institute for IT Security]
Biryukov, Alex [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)]
Cardoso Dos Santos, Luan [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)]
Groszschädl, Johann [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)]
Perrin, Léo Paul [Inria, Paris, France]
Udovenko, Aleksei [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)]
Velichkov, Vesselin [University of Edinburgh > School of Informatics]
Wang, Qingju [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)]
Jun-2020
IACR Transactions on Symmetric Cryptology
International Association for Cryptologic Research
2020
S1
Special Issue on Designs for the NIST Lightweight Standardisation Process
208-261
Yes
International
2519-173X
Santa Barbara
USA
[en] Lightweight Cryptography ; Authenticated Encryption ; Hash Function ; Long Trail Strategy ; SPARKLE
[en] We introduce the Sparkle family of permutations operating on 256, 384 and 512 bits. These are combined with the Beetle mode to construct a family of authenticated ciphers, Schwaemm, with security levels ranging from 120 to 250 bits. We also use them to build new sponge-based hash functions, Esch256 and Esch384. Our permutations are among those with the lowest footprint in software, without sacrificing throughput. These properties are allowed by our use of an ARX component (the Alzette S-box) as well as a carefully chosen number of rounds. The corresponding analysis is enabled by the long trail strategy which gives us the tools we need to efficiently bound the probability of all the differential and linear trails for an arbitrary number of rounds. We also present a new application of this approach where the only trails considered are those mapping the rate to the outer part of the internal state, such trails being the only relevant trails for instance in a differential collision attack. To further decrease the number of rounds without compromising security, we modify the message injection in the classical sponge construction to break the alignment between the rate and our S-box layer.
Fonds National de la Recherche - FnR ; University of Luxembourg - UL
FDISC
Researchers ; Professionals ; Students
10.13154/tosc.v2020.iS1.208-261
http://tosc.iacr.org/index.php/ToSC/article/view/8627
FnR ; FNR9037104 > Aleksei Udovenko > > Evaluation of Authenticated Ciphers > 01/05/2015 > 30/04/2019 > 2014

File(s) associated to this reference

Fulltext file(s):

File: main.pdf
Version: Author preprint
Size: 995.75 kB
Access: Open access


All documents in ORBilu are protected by a user license.