Abstract
Lightweight cryptography in computationally constrained devices is actively studied. In contrast to advances of lightweight blockcipher in the last decade, lightweight mode of operation is seemingly not so mature, yet it has large impact in performance. Therefore, there is a great demand for lightweight mode of operation, especially that for authenticated encryption with associated data (AEAD). Among many known properties of conventional modes of operation, the following four properties are essential for constrained devices:
 
 Minimum State Size: the state size equals to a block size of a blockcipher.
 Inverse Free: no need for a blockcipher decryption.
 XOR Only: only XOR is needed in addition to a blockcipher encryption.
 Online: a data block is processed only once.
 
 The properties 1 and 4 contribute to small memory usage, and the properties 2 and 3 contribute to small program/circuit footprint. On top of the above properties, the fifth property regarding associated data (AD) is also important for performance:
 
 Efficient Handling of Static AD: static AD can be precomputed.
 
 We design a lightweight blockcipher-based AEAD mode of operation called SAEB: the first mode of operation that satisfies all the five properties to the best of our knowledge. Performance of SAEB is evaluated in various software and hardware platforms. The evaluation results show that SAEB outperforms conventional blockcipher-based AEAD modes of operation in various performance metrics for lightweight cryptography.
Highlights
There is a huge demand for secure connectivity in constrained embedded devices used for pervasive computing
We present the mode of operation SAEB (which stands for Small (Simple, Slim, Sponge-based) authenticated encryption with associated data (AEAD) from Blockcipher)
SAEB is a nonce-based AEAD mode of operation, and its design follows the sponge-based design methodology [BDPA08, BDPA12a, BDPA12b]; the technique conventionally used with permutation is applied to blockcipher
Summary
There is a huge demand for secure connectivity in constrained embedded devices used for pervasive computing. The technology trend has made lightweight cryptography a very active research topic in cryptography. A number of lightweight blockciphers have been proposed so far [BBI+15, BPP+17, BSS+13, BJK+16, BCG+12, GPPR11, SIH+11, SMMK13] and PRESENT [BKL+07] and CLEFIA [SSA+07] are standardized in ISO/IEC 29192-2. A blockcipher is usually used within a mode of operation. Authenticated encryption with associated data (AEAD) that provides both confidentiality and authenticity is widely used. Blockcipher-based AEAD schemes (or modes of operation) have been studied over the last two decades. Blockcipher-based AEAD schemes such as AES-GCM [Dwoa] and AES-CTR [Dwob] with HMAC-SHA256 [Dan] are used as de facto
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
