Architecture Optimization and Performance Comparison of Nonce-Misuse-Resistant Authenticated Encryption Algorithms

Published in: IEEE Transactions on Very Large Scale Integration (VLSI) Systems, vol. 27, no. 5, pp. 1053-1066
Main authors: Koteshwara, Sandhya; Das, Amitabh; Parhi, Keshab K.
Format: Journal article
Language: English
Published: New York, IEEE (The Institute of Electrical and Electronics Engineers, Inc.), 01.05.2019
ISSN: 1063-8210
EISSN: 1557-9999
DOI: 10.1109/TVLSI.2019.2894656

Abstract: This paper presents a performance comparison of new authenticated encryption (AE) algorithms that aim to provide better security and resource efficiency than existing standards. Specifically, these algorithms improve on the security of existing AE standards by providing a critical property termed nonce-misuse resistance. The paper addresses algorithm-to-architecture mappings of several candidates from the ongoing Competition for AE: Security, Applicability, and Robustness (CAESAR), as well as a submission from the Crypto Forum Research Group. Implementations of the architectures on both field-programmable gate array and application-specific integrated circuit platforms are provided and compared with the architecture of a popular standard: the Advanced Encryption Standard in Galois Counter mode (AES-GCM). Optimizations that apply to AE in general, and to nonce-misuse-resistant architectures in particular, are presented. A hardware-software codesign approach to optimization is also discussed. The implementations obtained via the proposed optimizations demonstrate that the new AE algorithms can deliver performance comparable to that of standard AES-GCM while enhancing security and resource utilization for specific use-case scenarios.
Authors and affiliations:
1. Sandhya Koteshwara (ORCID 0000-0003-3182-219X), kotes001@umn.edu, Department of Electrical Engineering, University of Minnesota, Minneapolis, MN, USA
2. Amitabh Das, Intel Labs, Security and Privacy Research, Intel Corporation, Hillsboro, OR, USA
3. Keshab K. Parhi (ORCID 0000-0001-6543-2793), Department of Electrical Engineering, University of Minnesota, Minneapolis, MN, USA
Content type: Journal article
Copyright: The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2019
Discipline: Engineering; Architecture
Peer reviewed: yes
Scholarly: yes
License: https://ieeexplore.ieee.org/Xplorehelp/downloads/license-information/IEEE.html
https://doi.org/10.15223/policy-029
https://doi.org/10.15223/policy-037
Page count: 14
Subject terms:
Advanced Encryption Standard in Galois Counter mode (AES-GCM)
AES-GCM-synthetic IV (SIV)
Algorithms
Application specific integrated circuits
Architecture
authenticated encryption (AE)
Authentication
Co-design
Competition for AE: Security, Applicability, and Robustness (CAESAR) competition
Deoxys
Encryption
Field programmable gate arrays
Gate arrays
Integrated circuits
nonce-misuse resistance
Optimization
pipelineable on-line encryption with authentication tag (POET)
PRIMATE-APE
Resistance
Security
Online access: https://ieeexplore.ieee.org/document/8648246
https://www.proquest.com/docview/2215166971