Parallel sponge-based authenticated encryption with side-channel protection and adversary-invisible nonces

摘要: Since its birth in 2000, authenticated encryption (AE) has been a hot research topic, and many new features have been proposed to boost its security or performance. The Block cipher was the dominant primitive in constructing AE schemes, followed by stream ciphers and compression functions until the sponge construction emerged in 2011. Sponge-based AE schemes provide functional characteristics such as parallelizability, incrementality, and being online. They also offer security features for protection against active or passive adversaries. Currently, there exist parallel sponge-based AE schemes, but they are not protected against simple power analysis (SPA) and differential power analysis (DPA). On the other hand, sponge-based AE schemes that protect against such attacks are serial and cannot be parallelized. Furthermore, sponge-based AE schemes handle the nonces in a way that could allow misuse. So …