
Revisiting the Security of COMET Authenticated Encryption Scheme

  • Conference paper
Progress in Cryptology – INDOCRYPT 2021 (INDOCRYPT 2021)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 13143)

Abstract

COMETv1, by Gueron, Jha and Nandi, is a mode of operation for nonce-based authenticated encryption with associated data. It was one of the second-round candidates in the ongoing NIST Lightweight Cryptography Standardization Process. In this paper, we study a generalized version of COMETv1, which we call \(\mathsf{gCOMET}\), from a provable security perspective. First, we present a comprehensive and complete security proof for \(\mathsf{gCOMET}\) in the ideal cipher model. Second, we view COMET, the underlying mode of operation in COMETv1, as an instantiation of \(\mathsf{gCOMET}\), and derive its concrete security bounds. Finally, we propose another instantiation of \(\mathsf{gCOMET}\), dubbed COMETv2, and show that this version achieves better security guarantees as well as more memory-efficient implementations than COMETv1.


Notes

  1. A forgery attack that does not involve exhaustive guessing of internal state or key.

  2. Each block of \(\mathsf{fatCOMETv1}\) is built of 16 bytes.

  3. Each block of \(\mathsf{tinyCOMETv1}\) is built of 8 bytes.


Acknowledgments

Shay Gueron is supported by The Israel Science Foundation (grants No. 1018/16 and 3380/19); NSF-BSF Grant 2018640; The BIU Center for Research in Applied Cryptography and Cyber Security and the Center for Cyber Law and Policy at the University of Haifa, both in conjunction with the Israel National Cyber Bureau in the Prime Minister’s Office. Ashwin Jha’s work was carried out in the framework of the French-German-Center for Cybersecurity, a collaboration of CISPA and LORIA. Mridul Nandi is supported by the project “Study and Analysis of IoT Security” under Government of India at R. C. Bose Centre for Cryptology and Security, Indian Statistical Institute, Kolkata.


Copyright information

© 2021 Springer Nature Switzerland AG

About this paper


Cite this paper

Gueron, S., Jha, A., Nandi, M. (2021). Revisiting the Security of COMET Authenticated Encryption Scheme. In: Adhikari, A., Küsters, R., Preneel, B. (eds) Progress in Cryptology – INDOCRYPT 2021. INDOCRYPT 2021. Lecture Notes in Computer Science, vol 13143. Springer, Cham. https://doi.org/10.1007/978-3-030-92518-5_1


  • DOI: https://doi.org/10.1007/978-3-030-92518-5_1


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-92517-8

  • Online ISBN: 978-3-030-92518-5
