Analysis of Forgery Attacks on Parallelizable Authenticated Encryption Scheme (PAES)-8
Abstract
The Parallelizable Authenticated Encryption Scheme (PAES)-8, designed by Ye et al. in 2014, claims to offer 128-bit authentication security in the nonce-misuse model. However, Sasaki and Wang's theoretical forgery attack on PAES-8 suggested vulnerabilities, proposing a universal forgery with a complexity of approximately 2^11. In this study, we implemented this forgery attack using the C programming language to evaluate its practicality. Our findings reveal that the attack, as initially proposed, cannot be executed without additional steps, which significantly increase its complexity to . These results suggest that PAES-8 may offer greater resistance to forgery attacks than previously anticipated, although further cryptanalysis is recommended, particularly in the nonce-respecting mode.
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
References
Aumasson, J.-P., Jovanovic, P., & Neves, S. (2015). NORX8 and NORX16: Authenticated Encryption for Low-End Systems. https://eprint.iacr.org/2015/1154
Banik, S., Chakraborti, A., Iwata, T., Minematsu, K., Nandi, M., Peyrin, T., Sasaki, Y., Sim, S. M., & Todo, Y. (2021). GIFT-COFB v1.1. https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/finalist-round/updated-spec-doc/gift-cofb-spec-final.pdf
Bao, Z., Chakraborti, A., Datta, N., Guo, J., Nandi, M., Peyrin, T., & Yasuda, K. (2021). PHOTON-Beetle Authenticated Encryption and Hash Family. https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/finalist-round/updated-spec-doc/photon-beetle-spec-final.pdf
Bellare, M., & Namprempre, C. (2008). Authenticated encryption: Relations among notions and analysis of the generic composition paradigm. Journal of Cryptology, 21, 469–491. https://doi.org/10.1007/s00145-008-9026-x
Bernstein, D. (2013). CAESAR: Call for Submissions.
Bhaumik, R., & Nandi, M. (2017). Improved Security for OCB3. https://eprint.iacr.org/2017/845
Canteaut, A., Duval, S., Leurent, G., Naya-Plasencia, M., Perrin, L., Pornin, T., & Schrottenloher, A. (2020). Saturnin: a suite of lightweight symmetric algorithms for post-quantum security. IACR Transactions on Symmetric Cryptology, 2020(Special Issue 1), 160–207. https://doi.org/10.13154/TOSC.V2020.IS1.160-207
Charlton, E. (2024). Cybersecurity: Rising Threats and System Safety. World Economic Forum Agenda. https://www.weforum.org/agenda/2024/01/cybersecurity-cybercrime-system-safety/
Choi, W., Hwang, S., Lee, B., & Lee, J. (2024). ZLR: a fast online authenticated encryption scheme achieving full security. Designs, Codes and Cryptography. https://doi.org/10.1007/s10623-024-01434-6
Daemen, J., Hoffert, S., Peeters, M., Van Assche, G., & Van Keer, R. (2020). Xoodyak, a lightweight cryptographic scheme. IACR Transactions on Symmetric Cryptology, 2020(Special Issue 1), 60–87. https://doi.org/10.13154/TOSC.V2020.IS1.60-87
Dobraunig, C., Mendel, F., Eichlseder, M., & Schläffer, M. (2021). Ascon v1.2 Submission to NIST (p. 52). https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/finalist-round/updated-spec-doc/ascon-spec-final.pdf
Jean, J., Nikolić, I., Peyrin, T., & Seurin, Y. (2021). The Deoxys AEAD Family. Journal of Cryptology, 34. https://doi.org/10.1007/s00145-021-09397-w
Jean, J., Nikolic, I., Sasaki, Y., & Wang, L. (2016). Practical forgeries and distinguishers against PAES. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 99, 39–48. https://doi.org/10.1587/transfun.E99.A.39
Jimale, M. A., Z’aba, M. R., Kiah, M. L. B. M., Idris, M. Y. I., Jamil, N., Mohamad, M. S., & Rohmad, M. S. (2022). Authenticated Encryption Schemes: A Systematic Review. IEEE Access, 10, 14739–14766. https://doi.org/10.1109/ACCESS.2022.3147201
NIST. (2001). Advanced Encryption Standard (AES) (Issue FIPS PUB 197). https://csrc.nist.gov/pubs/fips/197/final
Sasaki, Y., & Wang, L. (2014). A Practical Universal Forgery Attack against PAES-8 (p. 218). Citeseer. http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.483.4356&rep=rep1&type=pdf
Schroé, W. (2015). Cryptanalysis of Submission to the CAESAR Cryptographic Competition iFeed. https://www.esat.kuleuven.be/cosic/publications/thesis-262.pdf
Statista. (2024). Cost of cybercrime worldwide forecast. https://www.statista.com/forecasts/1280009/cost-cybercrime-worldwide
Van Tilborg, H. C., & Jajodia, S. (Eds.). (2011). Encyclopedia of Cryptography and Security (2nd ed.). Springer Science+Business Media, LLC. https://doi.org/10.1007/978-1-4419-5906-5
Wu, H., & Preneel, B. (2013). AEGIS: A Fast Authenticated Encryption Algorithm. https://eprint.iacr.org/2013/695
Ye, D., Wang, P., Hu, L., Wang, L., Xie, Y., Sun, S., & Wang, P. (2014). Parallelizable Authenticated Encryption Schemes based on AES Round Function. http://competitions.cr.yp.to/round1/paesv1.pdf