Abstract
COMETv1, by Gueron, Jha and Nandi, is a mode of operation for nonce-based authenticated encryption with associated data functionality. It was one of the second round candidates in the ongoing NIST Lightweight Cryptography Standardization Process. In this paper, we study a generalized version of COMETv1, which we call \(\mathsf {gCOMET}\), from a provable security perspective. First, we present a comprehensive and complete security proof for \(\mathsf {gCOMET}\) in the ideal cipher model. Second, we view COMET, the underlying mode of operation in COMETv1, as an instantiation of \(\mathsf {gCOMET}\), and derive its concrete security bounds. Finally, we propose another instantiation of \(\mathsf {gCOMET}\), dubbed COMETv2, and show that this version achieves better security guarantees as well as more memory-efficient implementations compared to COMETv1.
Notes
1. A forgery attack that does not involve exhaustive guessing of internal state or key.
2. Each block of \(\mathsf {fatCOMETv1}\) is built of 16 bytes.
3. Each block of \(\mathsf {tinyCOMETv1}\) is built of 8 bytes.
Acknowledgments
Shay Gueron is supported by The Israel Science Foundation (grants No. 1018/16 and 3380/19); NSF-BSF Grant 2018640; The BIU Center for Research in Applied Cryptography and Cyber Security and the Center for Cyber Law and Policy at the University of Haifa, both in conjunction with the Israel National Cyber Bureau in the Prime Minister’s Office. Ashwin Jha’s work was carried out in the framework of the French-German-Center for Cybersecurity, a collaboration of CISPA and LORIA. Mridul Nandi is supported by the project “Study and Analysis of IoT Security” under Government of India at R. C. Bose Centre for Cryptology and Security, Indian Statistical Institute, Kolkata.
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Gueron, S., Jha, A., Nandi, M. (2021). Revisiting the Security of COMET Authenticated Encryption Scheme. In: Adhikari, A., Küsters, R., Preneel, B. (eds) Progress in Cryptology – INDOCRYPT 2021. INDOCRYPT 2021. Lecture Notes in Computer Science, vol 13143. Springer, Cham. https://doi.org/10.1007/978-3-030-92518-5_1
DOI: https://doi.org/10.1007/978-3-030-92518-5_1
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-92517-8
Online ISBN: 978-3-030-92518-5
eBook Packages: Computer Science (R0)