lightweight cryptography and classification of aead modes
play

Lightweight Cryptography and Classification of AEAD Modes Nilanjan - PowerPoint PPT Presentation

Jun 15, 2023 •616 likes •1.62k views

Lightweight Cryptography and Classification of AEAD Modes Nilanjan Datta Institute for Advancing Intelligence (IAI), TCG CREST International Crypto-Webniar 2020 Aug 30, 2020 N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of

  1. Lightweight Cryptography and Classification of AEAD Modes Nilanjan Datta Institute for Advancing Intelligence (IAI), TCG CREST International Crypto-Webniar 2020 Aug 30, 2020 N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 1 / 70

  2. Content Introduction to Authenticated Encryption Motivation of Lightweight Cryptography A Discussion on NIST LwC Project Classification of lightweight AEAD Modes N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 2 / 70

  3. I: An Introduction to Authenticated Encryption N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 3 / 70

  4. The Popular Story: Encryption 1 Alice and Bob share a secret key K N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 4 / 70

  5. The Popular Story: Encryption 1 Alice and Bob share a secret key K 2 Alice sends the ciphertext C = Enc K ( M ) corresponding to a message M to Bob N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 4 / 70

  6. The Popular Story: Encryption 1 Alice and Bob share a secret key K 2 Alice sends the ciphertext C = Enc K ( M ) corresponding to a message M to Bob 3 Data Privacy: Only Bob can decrypt. No information (other than length) about plaintext is leaked from ciphertext N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 4 / 70

  7. The Popular Story: Encryption Enc K (“My Netflix password is nil123”)

  8. The Popular Story: Encryption Decrypts: Read Message Enc K (“My Netflix password is nil123”) N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 5 / 70

  9. The Popular Story: Authentication 1 Alice and Bob share a secret key K N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 6 / 70

  10. The Popular Story: Authentication 1 Alice and Bob share a secret key K 2 Alice sends M along with tag T = Tag K ( M ) to Bob N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 6 / 70

  11. The Popular Story: Authentication 1 Alice and Bob share a secret key K 2 Alice sends M along with tag T = Tag K ( M ) to Bob 3 Data Integrity: Bob can verify valid tag and can reject all tampered tag N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 6 / 70

  12. The Popular Story: Authentication “I love you” � Tag K (“I love you”)

  13. The Popular Story: Authentication Valid Tag: Read Message “I love you” � Tag K (“I love you”) N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 7 / 70

  14. The Popular Story: Authentication “ I h a t e y o u ” � T “I love you” � Tag K (“I love you”)

  15. The Popular Story: Authentication Invalid Tag: Ignore Message. “I hate you” � T “I love you” � Tag K (“I love you”) N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 8 / 70

  16. Authenticated Encryption Authentication + Encryption N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 9 / 70

  17. Why Authenticated Encryption? Chasing the Gangstar Inspector Alice wishes sub-inspector Bob to move his check point to a different location N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 10 / 70

  18. Why Authenticated Encryption? Chasing the Gangstar Inspector Alice wishes sub-inspector Bob to move his check point to a different location Data Privacy : The updated check point should remain confidential N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 10 / 70

  19. Why Authenticated Encryption? Chasing the Gangstar Inspector Alice wishes sub-inspector Bob to move his check point to a different location Data Privacy : The updated check point should remain confidential Data Authenticity : Alice sends the updated check point and it has not been modified in transit N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 10 / 70

  20. Why Authenticated Encryption? Covid Report Doctor Alice wishes to send the covid report M of Bob to the medical database N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 11 / 70

  21. Why Authenticated Encryption? Covid Report Doctor Alice wishes to send the covid report M of Bob to the medical database Data Privacy : Bob’s medical records should remain confidential N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 11 / 70

  22. Why Authenticated Encryption? Covid Report Doctor Alice wishes to send the covid report M of Bob to the medical database Data Privacy : Bob’s medical records should remain confidential Data Authenticity : Alice prepares the report and the report was not modified in transit N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 11 / 70

  23. Why Authenticated Encryption? The Annual Evaluation Prof. Alice wishes to inform the semestral marks to her students Data Privacy : Bob’s marks should remain confidential Data Authenticity : Alice sends the marks and the marks have not been modified in transit N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 12 / 70

  24. Authenticated Encryption with Associated Data (AEAD) AEAD Algorithm AE ( K , AD , M , N ) → ( C , T ) N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 13 / 70

  25. Authenticated Encryption with Associated Data (AEAD) AEAD Algorithm AE ( K , AD , M , N ) → ( C , T ) What is Associated Data? Header of the Message. Example: IP Address Requires data authenticity, not privacy N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 13 / 70

  26. Authenticated Encryption with Associated Data (AEAD) AEAD Algorithm AE ( K , AD , M , N ) → ( C , T ) What is Associated Data? Header of the Message. Example: IP Address Requires data authenticity, not privacy What is Nonce? An arbitrary number used only once . Example: Counter Used to generate randomness N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 13 / 70

  27. Authenticated Encryption with Associated Data (AEAD) Verified Decryption Algorithm VD ( K , AD , C , T , N ) → M / ⊥ . N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 14 / 70

  28. Authenticated Encryption with Associated Data (AEAD) Verified Decryption Algorithm VD ( K , AD , C , T , N ) → M / ⊥ . A Note on Verified Decryption Plaintext is only released after verification is successful Otherwise, the algorithm aborts However, the ordering of verification and decryption may vary N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 14 / 70

  29. II: An Introduction to Light-weight Cryptography N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 15 / 70

  30. Lightweight Cryptography: Use in Rain RFID Tags N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 16 / 70

  31. Lightweight Cryptography: Use in Vehicles N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 17 / 70

  32. Lightweight Cryptography: Use in Smart Home N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 18 / 70

  33. Lightweight Cryptography: Use in Medical Sensors N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 19 / 70

  34. What is Lightweight Cryptography? Lightweight Cryptography Subfield of Cryptography that aims to provide crypto solutions tailored to constrained environments N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 20 / 70

  35. What is Lightweight Cryptography? Lightweight Cryptography Subfield of Cryptography that aims to provide crypto solutions tailored to constrained environments Lightweight = Light + Weight N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 20 / 70

  36. What is Lightweight Cryptography? Lightweight Cryptography Subfield of Cryptography that aims to provide crypto solutions tailored to constrained environments Lightweight = Light + Weight Weight of an Algorithm A property of its implementation depending on different metrics of the target platform N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 20 / 70

  37. Weight of An Algorithm N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 21 / 70

  38. Weight of An Algorithm N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 22 / 70

  39. Weight of An Algorithm N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 23 / 70

  40. Weight of An Algorithm N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 24 / 70

  41. Weight of An Algorithm N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 25 / 70

  42. General Purpose Crypto vs Lightweight Crypto General Purpose Crypto Used in several applications A proper trade-off of various metric: area, speed, throughput, energy etc Lightweight Crypto Used for dedicated resource constraint environment Lack of Crypto standards suitable for such devices. N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 26 / 70

  43. NIST LwC Project III: A Brief Overview on NIST LwC Project N. Datta (IAI, TCG CREST) Lightweight Crypto and Classification of AEAD 27 / 70

Recommend

Lightweight Cryptography Mission Accomplished? Peter Rombouts ECRYPT II Closing Event

Lightweight Cryptography Mission Accomplished? Peter Rombouts ECRYPT II Closing Event

Lightweight Cryptography Mission Accomplished? Peter Rombouts ECRYPT II Closing Event Cryptography for 2020 Tenerife January 23 rd , 2013 Organization Lightweight Cryptography: Mission Accomplished? Introduction Technical perspective

478 views • 20 slides
Lightweight Cryptography and and RFID Security Svetla Nikova COSIC KUL COSIC, KULeuven and

Lightweight Cryptography and and RFID Security Svetla Nikova COSIC KUL COSIC, KULeuven and

Lightweight Cryptography and and RFID Security Svetla Nikova COSIC KUL COSIC, KULeuven and UTwente d UT t Overview Lightweight cryptography - state of the art Comparison Standard vs. Lightweight Comparison Standard vs. Lightweight

599 views • 39 slides
On the Design and Use of Lightweight Cryptography for Cyber-Physical Systems Hirotaka Yoshida 1 1

On the Design and Use of Lightweight Cryptography for Cyber-Physical Systems Hirotaka Yoshida 1 1

On the Design and Use of Lightweight Cryptography for Cyber-Physical Systems Hirotaka Yoshida 1 1 AIST, Japan Kolkata, India (16 November 2018) 1 / 38 Table of contents 1 Introduction 2 Lightweight Crypto Stack for Circuit/RAM Size Requirement

670 views • 38 slides
Lightweight Cryptography Mar a Naya-Plasencia Inria, France Summer School on real-world

Lightweight Cryptography Mar a Naya-Plasencia Inria, France Summer School on real-world

Lightweight Cryptography Mar a Naya-Plasencia Inria, France Summer School on real-world crypto and privacy Sibenik, Croatia - June 15 2018 Outline Symmetric lightweight primitives Most used cryptanalysis Impossible

1.31k views • 76 slides
Lightweight Cryptography - Hardware Perspective - Miroslav Kne evi NXP Semiconductors

Lightweight Cryptography - Hardware Perspective - Miroslav Kne evi NXP Semiconductors

Lightweight Cryptography - Hardware Perspective - Miroslav Kne evi NXP Semiconductors Thanks to the teams of KATAN, SPONGENT, PRINCE, FIDES Design and Security of Cryptographic Functions, Algorithms, and Devices, PAGE: 1 of 33 Summer

590 views • 45 slides
The State of the Art in Symmetric Lightweight Cryptography Lo Perrin Based on a joint work

The State of the Art in Symmetric Lightweight Cryptography Lo Perrin Based on a joint work

The State of the Art in Symmetric Lightweight Cryptography Lo Perrin Based on a joint work with Alex Biryukov November 18, 2017 Cryptacus Workshop Taken from a document writen originally in English. The programming of billions of processors

903 views • 75 slides
NIST Lightweight Cryptography Workshop 2015 Session VII: Implementations & Performance

NIST Lightweight Cryptography Workshop 2015 Session VII: Implementations & Performance

NIST Lightweight Cryptography Workshop 2015 Session VII: Implementations & Performance Performance of State-of-the-Art Cryptography on ARM-based Microprocessors Hannes Tschofenig & Manuel Pegourie-Gonnard (Hannes.Tschofenig@arm.com,

509 views • 40 slides
PRESS RELEASE Trusted Objects expert on lightweight cryptography gives a presentation to the NIST

PRESS RELEASE Trusted Objects expert on lightweight cryptography gives a presentation to the NIST

PRESS RELEASE Trusted Objects expert on lightweight cryptography gives a presentation to the NIST Alexan Alexandre dre Adomn Adomnicai, icai, cryptograph cryptography y expert expert at at Truste Trusted d Obje Objects cts will will

174 views • 3 slides
Block Cipher Modes of Operation Electronic Code Book Cipher Block Chaining Mode Cryptography

Block Cipher Modes of Operation Electronic Code Book Cipher Block Chaining Mode Cryptography

Cryptography Block Cipher Modes of Operation Block Ciphers with Multiple Blocks Block Cipher Modes of Operation Electronic Code Book Cipher Block Chaining Mode Cryptography Cipher Feedback Mode School of Engineering and Technology

428 views • 32 slides
Towards Green Cryptography: a Comparison of Lightweight Ciphers from the Energy Viewpoint St

Towards Green Cryptography: a Comparison of Lightweight Ciphers from the Energy Viewpoint St

Towards Green Cryptography: a Comparison of Lightweight Ciphers from the Energy Viewpoint St ephanie Kerckhof, Fran cois Durvaux, C edric Hoquet, David Bol, Fran cois-Xavier Standaert CHES 2012 September 2012 UCL Crypto Group

931 views • 49 slides
Future Challenges for Lightweight Cryptography F.-X. Standaert UCL Crypto Group Crypto for 2020,

Future Challenges for Lightweight Cryptography F.-X. Standaert UCL Crypto Group Crypto for 2020,

Future Challenges for Lightweight Cryptography F.-X. Standaert UCL Crypto Group Crypto for 2020, Tenerife, January 2013 Outline 1 1. Past results 2. Future challenges 1. Block ciphers 2 TEA, NOEKEON, AES, SERPENT, ICEBERG, HIGHT,

844 views • 68 slides
Authenticated Encryption in Practice mcgrew@cisco.com History Interface AEAD in standards

Authenticated Encryption in Practice mcgrew@cisco.com History Interface AEAD in standards

History Interface AEAD in standards AEAD in security architectures Desiderata Conclusions Authenticated Encryption in Practice mcgrew@cisco.com History Interface AEAD in standards AEAD in security architectures Desiderata Conclusions

959 views • 50 slides
Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1.

Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1.

Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1. About Think Lightweight 2. What are Lightweight Structures? 3. Industry Applications 4. Product Line Review 5. Think Lightweight Component

832 views • 43 slides
Light Lightweight Cryptography Pascal Lafourcade (LIMOS, France) Takaaki Mizuki (Tohoku

Light Lightweight Cryptography Pascal Lafourcade (LIMOS, France) Takaaki Mizuki (Tohoku

Light Lightweight Cryptography Pascal Lafourcade (LIMOS, France) Takaaki Mizuki (Tohoku University, Japan) Atsuki Nagao (Ochanomizu University, Japan) Kazumasa Shinagawa (Tokyo Tech / AIST, Japan) 1 2 3 4 5 6 Material 7 Agenda 1.

1.3k views • 38 slides
DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and

DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and

DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and Digital Voice Modes Presented by N7MOT Lenny Gemar Amateur radio began with spark gap transmitters, evolving to Morse code and analog voice

442 views • 20 slides
Symmetric and Asymmetric Key Cryptography(Part 2) By Radhika B S Contents Asymmetric Key

Symmetric and Asymmetric Key Cryptography(Part 2) By Radhika B S Contents Asymmetric Key

Symmetric and Asymmetric Key Cryptography(Part 2) By Radhika B S Contents Asymmetric Key Cryptography Security Requirements Advantages Modes of Use Diffie-Hellman Key Exchange RSA Cryptosystem ElGamal

584 views • 32 slides
Handout 4 Summary of this handout: Block Ciphers continued Modes of Operation Cryptomeria

Handout 4 Summary of this handout: Block Ciphers continued Modes of Operation Cryptomeria

06-20008 Cryptography The University of Birmingham Autumn Semester 2012 School of Computer Science Eike Ritter 19 October, 2012 Handout 4 Summary of this handout: Block Ciphers continued Modes of Operation Cryptomeria II.1.5 Modes

353 views • 7 slides
On the Lightweight Design Choices for Diffusion Layer of Block Ciphers SUMANTA SARKAR TCS

On the Lightweight Design Choices for Diffusion Layer of Block Ciphers SUMANTA SARKAR TCS

On the Lightweight Design Choices for Diffusion Layer of Block Ciphers SUMANTA SARKAR TCS Innovation Labs December 11, 2017 SUMANTA SARKAR Lightweight Cryptography Internet of Things / Connected Cars Internet of things (IoT): Network of

786 views • 45 slides
Entropy as a Service Unlocking the full potential of cryptography Apostol Vassilev Robert

Entropy as a Service Unlocking the full potential of cryptography Apostol Vassilev Robert

Entropy as a Service Unlocking the full potential of cryptography Apostol Vassilev Robert Staples STVM/CSD/NIST A perspective: cryptography evolves very fast to provide security in cyberspace Emerging crypto technologies - lightweight crypto

199 views • 17 slides
Lecture 3: Modes of Operation Helger Lipmaa Helsinki University of Technology helger@tcs.hut.fi

Lecture 3: Modes of Operation Helger Lipmaa Helsinki University of Technology helger@tcs.hut.fi

T-79.159 Cryptography and Data Security Lecture 3: Modes of Operation Helger Lipmaa Helsinki University of Technology helger@tcs.hut.fi T-79.159 Cryptography and Data Security, 04.02.2004 Lecture 3: Modes of Operation, Helger Lipmaa 1

705 views • 34 slides
The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will

The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will

The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will revolutionise the international high-rise construction industry Tony Zaccarini and Dr Patrick OBrien The lightweight beam for Heavyweight

417 views • 12 slides
HOST Cryptography I ECE 525 Cryptography Handbook of Applied Cryptography &

HOST Cryptography I ECE 525 Cryptography Handbook of Applied Cryptography &

HOST Cryptography I ECE 525 Cryptography Handbook of Applied Cryptography & http://cseweb.ucsd.edu/users/mihir/cse207/ Brief History: Proliferation of computers and communication systems in 1960s brought with it a demand to protect

273 views • 24 slides
Lightweight Encryption for Email Ben Adida ben@mit.edu 7 July 2005 joint work with Susan

Lightweight Encryption for Email Ben Adida ben@mit.edu 7 July 2005 joint work with Susan

Lightweight Encryption for Email Ben Adida ben@mit.edu 7 July 2005 joint work with Susan Hohenberger and Ronald L. Rivest MIT Cryptography and Information Security Group Motivation To Improve/Restore the Usefulness of Email

487 views • 28 slides
The lightweight beam for Heavyweight applications The impact of this lightweight beam concept

The lightweight beam for Heavyweight applications The impact of this lightweight beam concept

The lightweight beam for Heavyweight applications The impact of this lightweight beam concept will revolutionise the aviation industry Tony Zaccarini and Dr Patrick OBrien The lightweight beam for Heavyweight applications Patent Applied For

479 views • 12 slides

More recommend