A Single-Pass and One-Round Message Authentication Encryption for Limited IoT Devices

Abstract

In this work, we propose three efficient variants of a message authentication encryption (MAE) algorithm, which is based on the dynamic key-dependent concept and dynamic operation mode to reach a high level of security. These variants consist of a single pass and a single round, in addition to the use of common operations for the encryption and authentication processes to reduce the required execution time and resources. Accordingly, the proposed scheme outperforms the existing solutions that are based on the static approach with multiple rounds. Furthermore, to reduce the overhead associated with the regeneration of the dynamic key and the corresponding cryptographic primitives, we propose a simple, yet effective update process. In such a scheme, even when the same plaintext is processed, it will be encrypted and authenticated using different cryptographic primitives (substitution and permutation tables in addition to round keys), which guards against the existing cryptanalysis techniques. The experimental results show that the proposed MAE variants are more efficient than the counter with cipher block chaining message authentication code (CCM), Galois message authentication code (GMAC), offset codebook mode (OCB), and the Chacha20-poly1305. The best performance is achieved with the third MAE variant that presents a high throughput with an enhancement of at least 373% compared to CCM, 90% compared to GCM, 23% compared to OCB, and 22% compared to Chacha20-poly1305.