Provable-Security Analysis of Authenticated Encryption Based on Lesamnta-LW in the Ideal Cipher Model

Hirose, Kuwakado and Yoshida proposed a nonce-based authenticated encryption scheme Lae0 based on Lesamnta-LW in 2019. Lesamnta-LW is a block-cipher-based iterated hash function included in the ISO/IEC 29192-5 lightweight hash-function standard. They also showed that Lae0 satisfies both privacy and...

Full description

Saved in:
Bibliographic Details
Published inIEICE Transactions on Information and Systems Vol. E104.D; no. 11; pp. 1894 - 1901
Main Authors HIROSE, Shoichi, KUWAKADO, Hidenori, YOSHIDA, Hirotaka
Format Journal Article
LanguageEnglish
Published Tokyo The Institute of Electronics, Information and Communication Engineers 01.11.2021
Japan Science and Technology Agency
Subjects
Algorithms
authenticated encryption
Authentication
Encryption
hash function
ideal cipher model
Lesamnta-LW
Permutations
Pseudorandom
Security
Online AccessGet full text

Cover

More Information
Summary:Hirose, Kuwakado and Yoshida proposed a nonce-based authenticated encryption scheme Lae0 based on Lesamnta-LW in 2019. Lesamnta-LW is a block-cipher-based iterated hash function included in the ISO/IEC 29192-5 lightweight hash-function standard. They also showed that Lae0 satisfies both privacy and authenticity if the underlying block cipher is a pseudorandom permutation. Unfortunately, their result implies only about 64-bit security for instantiation with the dedicated block cipher of Lesamnta-LW. In this paper, we analyze the security of Lae0 in the ideal cipher model. Our result implies about 120-bit security for instantiation with the block cipher of Lesamnta-LW.
ISSN:0916-8532
1745-1361
DOI:10.1587/transinf.2021NGP0008