<div class="csl-bib-body">
<div class="csl-entry">Bhati, A. S., Pohle, E., Abidin, A., Andreeva, E., & Preneel, B. (2023). Let’s Go Eevee! A Friendly and Suitable Family of AEAD Modes for IoT-to-Cloud Secure Computation. In <i>CCS ’23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security</i> (pp. 2546–2560). Association for Computing Machinery. https://doi.org/10.1145/3576915.3623091</div>
</div>
dc.identifier.uri
http://hdl.handle.net/20.500.12708/192592
dc.description.abstract
IoT devices collect privacy-sensitive data, e.g., in smart grids or in medical devices, and send this data to cloud servers for further processing. To ensure both confidentiality and authenticity of the sensor data in the untrusted cloud environment, we consider a transciphering scenario between embedded IoT devices and multiple cloud servers that perform secure multi-party computation (MPC). Concretely, the IoT devices encrypt their data with a lightweight symmetric cipher and send the ciphertext to the cloud servers. To obtain secret shares of the cleartext message for further processing, the cloud servers engage in an MPC protocol that decrypts the ciphertext in a distributed manner. This way, the plaintext is never exposed to any individual server. As an important building block in this scenario, we propose a new, provably secure family of lightweight modes for authenticated encryption with associated data (AEAD), called Eevee. The Eevee family has fully parallel decryption, making it suitable for MPC protocols whose round complexity depends on the complexity of the function they compute. Further, our modes use the lightweight forkcipher primitive, which offers fixed-length output expansion and a compact yet parallelizable internal structure. All Eevee members improve substantially over the few available state-of-the-art (SotA) MPC-friendly modes and other standard solutions. We benchmark the Eevee family on a microcontroller and in MPC. Our proposed mode Jolteon (when instantiated with ForkSkinny) provides a 1.85x to 3.64x speedup in IoT encryption time and a 3x to 4.5x speedup in both MPC decryption time and data for very short queries of 8 bytes, and a 1.55x to 3.04x and 1.23x to 2.43x speedup in MPC decryption time and data, respectively, for queries up to 500 bytes, when compared against SotA MPC-friendly modes instantiated with SKINNY.
We also provide two advanced modes, Umbreon and Espeon, that offer a favorable performance-security trade-off with stronger security guarantees such as nonce-misuse security. Additionally, all Eevee members have full n-bit security (where n is the block size of the underlying primitive), use a single primitive, and require a smaller state and less hardware (HW) area than the SotA modes under their original security settings.
en
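The abstract's transciphering flow (device encrypts, servers decrypt into secret shares) and its design criterion (fully parallel decryption keeps the MPC round count independent of the message length) can be made concrete with a small simulation. The Python below is an added example written for this page; it is not code from the paper and does not implement any Eevee mode. Everything in it is an assumption for illustration: the block primitive is a SHA-256 stand-in (not ForkSkinny or any real cipher), the two modes compared are textbook CTR and OFB (chosen because one has independent keystream blocks and the other chains them), the 8-byte nonce and 16-byte block are arbitrary, the authentication tag is omitted, and the "MPC" is a round-counting simulator that reconstructs the key internally, so it models cost, not security.

```python
"""Transciphering round-structure demo: a constructed example, not the Eevee paper's code.
An IoT device encrypts; three cloud servers holding XOR shares of the key end up with XOR
shares of the plaintext that no single server can read. The primitive is a SHA-256 stand-in
(NOT ForkSkinny), the modes are textbook CTR/OFB (NOT Eevee), authentication is omitted."""
import hashlib
import os
from typing import List

BLOCK = 16  # primitive block size in bytes (n = 128 in the abstract's terms)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def prf(key: bytes, block: bytes) -> bytes:
    """Stand-in for the block primitive: SHA-256(key || block), truncated to BLOCK."""
    return hashlib.sha256(key + block).digest()[:BLOCK]

def split_blocks(data: bytes) -> List[bytes]:
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def counter_block(nonce: bytes, i: int) -> bytes:
    return nonce + i.to_bytes(BLOCK - len(nonce), "big")

def reconstruct(shares: List[bytes]) -> bytes:
    out = shares[0]
    for s in shares[1:]:
        out = xor(out, s)
    return out

def share(secret: bytes, parties: int) -> List[bytes]:
    """Additive (XOR) secret sharing: the shares XOR back to the secret."""
    shares = [os.urandom(len(secret)) for _ in range(parties - 1)]
    return shares + [reconstruct([secret] + shares)]

def public_as_shares(value: bytes, parties: int) -> List[bytes]:
    return [value] + [bytes(len(value))] * (parties - 1)  # party 0 holds it, others zeros

class MpcSimulator:
    """Counts communication rounds for primitive calls on shared inputs. A real protocol
    evaluates the primitive's circuit on the shares; this simulator reconstructs the key
    internally (NOT secure, a cost model only) and re-shares each output."""
    def __init__(self, key_shares: List[bytes]):
        self.key_shares, self.parties, self.rounds = key_shares, len(key_shares), 0

    def evaluate_batch(self, inputs: List[List[bytes]]) -> List[List[bytes]]:
        self.rounds += 1  # one round per batch, however many independent calls it holds
        key = reconstruct(self.key_shares)
        return [share(prf(key, reconstruct(x)), self.parties) for x in inputs]

# ---- IoT device: holds the full key, computes in the clear ---------------------------
def iot_encrypt_ctr(key: bytes, nonce: bytes, pt: bytes) -> bytes:
    # Keystream block i = PRF(key, nonce || i): the blocks are mutually independent.
    return b"".join(xor(b, prf(key, counter_block(nonce, i)))
                    for i, b in enumerate(split_blocks(pt)))

def iot_encrypt_ofb(key: bytes, nonce: bytes, pt: bytes) -> bytes:
    # Keystream block i = PRF(key, keystream block i-1): a serial chain.
    out, o = [], counter_block(nonce, 0)
    for b in split_blocks(pt):
        o = prf(key, o)
        out.append(xor(b, o))
    return b"".join(out)

# ---- Cloud servers: end with plaintext SHARES, never the plaintext -------------------
def unmask_locally(ks_shares: List[bytes], c: bytes) -> List[bytes]:
    """XOR the public ciphertext block into the keystream shares. XOR is linear, so only
    party 0 applies it and nobody communicates; shares are cut to len(c) for a short tail."""
    return [xor(s, c) if p == 0 else s[:len(c)] for p, s in enumerate(ks_shares)]

def mpc_decrypt_ctr(mpc: MpcSimulator, nonce: bytes, ct: bytes) -> List[bytes]:
    blocks = split_blocks(ct)
    # Every keystream block depends only on (key, nonce, i): one batch, hence one round.
    ks = mpc.evaluate_batch([public_as_shares(counter_block(nonce, i), mpc.parties)
                             for i in range(len(blocks))])
    pt_shares = [b""] * mpc.parties
    for c, ks_i in zip(blocks, ks):
        for p, piece in enumerate(unmask_locally(ks_i, c)):
            pt_shares[p] += piece
    return pt_shares

def mpc_decrypt_ofb(mpc: MpcSimulator, nonce: bytes, ct: bytes) -> List[bytes]:
    prev = public_as_shares(counter_block(nonce, 0), mpc.parties)
    pt_shares = [b""] * mpc.parties
    for c in split_blocks(ct):
        prev = mpc.evaluate_batch([prev])[0]  # needs block i-1 first: one round per block
        for p, piece in enumerate(unmask_locally(prev, c)):
            pt_shares[p] += piece
    return pt_shares

def demo(msg_len: int, parties: int = 3) -> dict:
    key, nonce, pt = os.urandom(16), os.urandom(8), os.urandom(msg_len)  # 8-byte nonce assumed
    key_shares = share(key, parties)
    mpc_ctr, mpc_ofb = MpcSimulator(key_shares), MpcSimulator(key_shares)
    ctr_shares = mpc_decrypt_ctr(mpc_ctr, nonce, iot_encrypt_ctr(key, nonce, pt))
    ofb_shares = mpc_decrypt_ofb(mpc_ofb, nonce, iot_encrypt_ofb(key, nonce, pt))
    return {"ctr_ok": reconstruct(ctr_shares) == pt, "ofb_ok": reconstruct(ofb_shares) == pt,
            "blocks": len(split_blocks(pt)), "ctr_rounds": mpc_ctr.rounds,  # ctr: 1 round always
            "ofb_rounds": mpc_ofb.rounds,  # one round per block
            "server_saw_plaintext": any(s == pt for s in ctr_shares + ofb_shares)}
```

Running `demo(8)` and `demo(500)` (the two query sizes the abstract benchmarks) shows the effect the abstract is optimizing for: the parallel mode needs one MPC round whether the message is 1 block or 32, while the chained mode needs one round per block, so its latency grows with the message. The only per-server work outside the primitive evaluation is an XOR with the public ciphertext, which is linear over the shares and costs no communication. What the simulation deliberately does not show is how Eevee achieves parallel decryption together with authentication using a forkcipher; for that, the paper itself is the reference.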
dc.language.iso
en
dc.subject
Authenticated encryption
en
dc.subject
beyond birthday
en
dc.subject
forkcipher
en
dc.subject
lightweight cryptography
en
dc.subject
nonce misuse
en
dc.subject
online AE
en
dc.subject
provable security
en
dc.subject
secure multi-party computation
en
dc.subject
transciphering
en
dc.title
Let's Go Eevee! A Friendly and Suitable Family of AEAD Modes for IoT-to-Cloud Secure Computation
en
dc.type
Inproceedings
en
dc.type
Konferenzbeitrag (conference paper)
de
dc.relation.publication
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security