Revisiting the Security of COMET Authenticated Encryption Scheme

Shay Gueron; Ashwin Jha; Mridul Nandi

doi:10.1007/978-3-030-92518-5_1

Revisiting the Security of COMET Authenticated Encryption Scheme

Shay Gueron, Ashwin Jha, Mridul Nandi

University of Haifa

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

COMETv1, by Gueron, Jha and Nandi, is a mode of operation for nonce-based authenticated encryption with associated data functionality. It was one of the second round candidates in the ongoing NIST Lightweight Cryptography Standardization Process. In this paper, we study a generalized version of COMETv1, that we call gCOMET, from provable security perspective. First, we present a comprehensive and complete security proof for gCOMET in the ideal cipher model. Second, we view COMET, the underlying mode of operation in COMETv1, as an instantiation of gCOMET, and derive its concrete security bounds. Finally, we propose another instantiation of gCOMET, dubbed COMETv2, and show that this version achieves better security guarantees as well as memory-efficient implementations as compared to COMETv1.

Original language	American English
Title of host publication	Progress in Cryptology – INDOCRYPT 2021 - 22nd International Conference on Cryptology in India, 2021, Proceedings
Editors	Avishek Adhikari, Ralf Küsters, Bart Preneel
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	3-25
Number of pages	23
ISBN (Print)	9783030925178
DOIs	https://doi.org/10.1007/978-3-030-92518-5_1
State	Published - 2021
Event	22nd International Conference on Cryptology in India, INDOCRYPT 2021 - Jaipur, India Duration: 12 Dec 2021 → 15 Dec 2021

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	13143 LNCS

Conference

Conference	22nd International Conference on Cryptology in India, INDOCRYPT 2021
Country/Territory	India
City	Jaipur
Period	12/12/21 → 15/12/21

Keywords

AEAD
COMET
ICM
Lightweight
Provable security
Rekeying

All Science Journal Classification (ASJC) codes

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-030-92518-5_1

Cite this

Gueron, S., Jha, A., & Nandi, M. (2021). Revisiting the Security of COMET Authenticated Encryption Scheme. In A. Adhikari, R. Küsters, & B. Preneel (Eds.), Progress in Cryptology – INDOCRYPT 2021 - 22nd International Conference on Cryptology in India, 2021, Proceedings (pp. 3-25). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 13143 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-92518-5_1

Gueron, Shay ; Jha, Ashwin ; Nandi, Mridul. / Revisiting the Security of COMET Authenticated Encryption Scheme. Progress in Cryptology – INDOCRYPT 2021 - 22nd International Conference on Cryptology in India, 2021, Proceedings. editor / Avishek Adhikari ; Ralf Küsters ; Bart Preneel. Springer Science and Business Media Deutschland GmbH, 2021. pp. 3-25 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{adf585426e6341e0a9b283de9b316b5b,

title = "Revisiting the Security of COMET Authenticated Encryption Scheme",

abstract = "COMETv1, by Gueron, Jha and Nandi, is a mode of operation for nonce-based authenticated encryption with associated data functionality. It was one of the second round candidates in the ongoing NIST Lightweight Cryptography Standardization Process. In this paper, we study a generalized version of COMETv1, that we call gCOMET, from provable security perspective. First, we present a comprehensive and complete security proof for gCOMET in the ideal cipher model. Second, we view COMET, the underlying mode of operation in COMETv1, as an instantiation of gCOMET, and derive its concrete security bounds. Finally, we propose another instantiation of gCOMET, dubbed COMETv2, and show that this version achieves better security guarantees as well as memory-efficient implementations as compared to COMETv1.",

keywords = "AEAD, COMET, ICM, Lightweight, Provable security, Rekeying",

author = "Shay Gueron and Ashwin Jha and Mridul Nandi",

note = "Publisher Copyright: {\textcopyright} 2021, Springer Nature Switzerland AG.; 22nd International Conference on Cryptology in India, INDOCRYPT 2021 ; Conference date: 12-12-2021 Through 15-12-2021",

year = "2021",

doi = "10.1007/978-3-030-92518-5_1",

language = "American English",

isbn = "9783030925178",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "3--25",

editor = "Avishek Adhikari and Ralf K{\"u}sters and Bart Preneel",

booktitle = "Progress in Cryptology – INDOCRYPT 2021 - 22nd International Conference on Cryptology in India, 2021, Proceedings",

address = "Germany",

}

Gueron, S, Jha, A & Nandi, M 2021, Revisiting the Security of COMET Authenticated Encryption Scheme. in A Adhikari, R Küsters & B Preneel (eds), Progress in Cryptology – INDOCRYPT 2021 - 22nd International Conference on Cryptology in India, 2021, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 13143 LNCS, Springer Science and Business Media Deutschland GmbH, pp. 3-25, 22nd International Conference on Cryptology in India, INDOCRYPT 2021, Jaipur, India, 12/12/21. https://doi.org/10.1007/978-3-030-92518-5_1

Revisiting the Security of COMET Authenticated Encryption Scheme. / Gueron, Shay; Jha, Ashwin; Nandi, Mridul.
Progress in Cryptology – INDOCRYPT 2021 - 22nd International Conference on Cryptology in India, 2021, Proceedings. ed. / Avishek Adhikari; Ralf Küsters; Bart Preneel. Springer Science and Business Media Deutschland GmbH, 2021. p. 3-25 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 13143 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Revisiting the Security of COMET Authenticated Encryption Scheme

AU - Gueron, Shay

AU - Jha, Ashwin

AU - Nandi, Mridul

PY - 2021

Y1 - 2021

N2 - COMETv1, by Gueron, Jha and Nandi, is a mode of operation for nonce-based authenticated encryption with associated data functionality. It was one of the second round candidates in the ongoing NIST Lightweight Cryptography Standardization Process. In this paper, we study a generalized version of COMETv1, that we call gCOMET, from provable security perspective. First, we present a comprehensive and complete security proof for gCOMET in the ideal cipher model. Second, we view COMET, the underlying mode of operation in COMETv1, as an instantiation of gCOMET, and derive its concrete security bounds. Finally, we propose another instantiation of gCOMET, dubbed COMETv2, and show that this version achieves better security guarantees as well as memory-efficient implementations as compared to COMETv1.

AB - COMETv1, by Gueron, Jha and Nandi, is a mode of operation for nonce-based authenticated encryption with associated data functionality. It was one of the second round candidates in the ongoing NIST Lightweight Cryptography Standardization Process. In this paper, we study a generalized version of COMETv1, that we call gCOMET, from provable security perspective. First, we present a comprehensive and complete security proof for gCOMET in the ideal cipher model. Second, we view COMET, the underlying mode of operation in COMETv1, as an instantiation of gCOMET, and derive its concrete security bounds. Finally, we propose another instantiation of gCOMET, dubbed COMETv2, and show that this version achieves better security guarantees as well as memory-efficient implementations as compared to COMETv1.

KW - AEAD

KW - COMET

KW - ICM

KW - Lightweight

KW - Provable security

KW - Rekeying

UR - http://www.scopus.com/inward/record.url?scp=85121920912&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-92518-5_1

DO - 10.1007/978-3-030-92518-5_1

M3 - Conference contribution

SN - 9783030925178

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 3

EP - 25

BT - Progress in Cryptology – INDOCRYPT 2021 - 22nd International Conference on Cryptology in India, 2021, Proceedings

A2 - Adhikari, Avishek

A2 - Küsters, Ralf

A2 - Preneel, Bart

PB - Springer Science and Business Media Deutschland GmbH

T2 - 22nd International Conference on Cryptology in India, INDOCRYPT 2021

Y2 - 12 December 2021 through 15 December 2021

ER -

Gueron S, Jha A, Nandi M. Revisiting the Security of COMET Authenticated Encryption Scheme. In Adhikari A, Küsters R, Preneel B, editors, Progress in Cryptology – INDOCRYPT 2021 - 22nd International Conference on Cryptology in India, 2021, Proceedings. Springer Science and Business Media Deutschland GmbH. 2021. p. 3-25. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-92518-5_1

Revisiting the Security of COMET Authenticated Encryption Scheme

Abstract

Publication series

Conference

Keywords

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Cite this