Abstract
This paper introduces NORX, a novel authenticated encryption scheme supporting an arbitrary degree of parallelism and based on ARX primitives, yet not using modular additions. NORX has a unique parallel architecture based on the monkeyDuplex construction, with an original domain separation scheme for simple processing of header, payload and trailer data. Furthermore, NORX specifies a dedicated datagram to facilitate interoperability and spare users the trouble of defining custom encoding and signalling. NORX was optimized for efficiency in both software and hardware, with a SIMD-friendly core, almost byte-aligned rotations, no secret-dependent memory lookups, and only bitwise operations. On a Haswell processor, a serial version of NORX runs at 2.51 cycles per byte. Simulations of a hardware architecture for 180 nm UMC ASIC give a throughput of approximately 10 Gbps at 125 MHz.
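The abstract's key design point is that NORX keeps the add-rotate-xor (ARX) round shape of ciphers like ChaCha but drops modular addition in favour of purely bitwise operations. The following added example (my own illustration, not code from the paper or from the NORX reference implementation) shows what that substitution looks like and when it coincides with ordinary addition. The definition of H(x, y) = (x ^ y) ^ ((x & y) << 1) and the NORX64 rotation offsets (8, 19, 40, 63) are taken from my recollection of the NORX specification rather than from this page, so treat them as assumptions; the ChaCha quarter-round is included only for contrast, with the test vector from RFC 8439.

```python
# Added example, not code from the NORX paper or its reference implementation.
# It contrasts ChaCha's add-rotate-xor quarter-round with a NORX-style round
# in which modular addition is replaced by a purely bitwise operation.

def mask(bits):
    return (1 << bits) - 1

def H(x, y, bits=64):
    """NORX-style non-linear mixing (assumed from the NORX spec, not this page):
    (x ^ y) ^ ((x & y) << 1). Bit i equals x_i ^ y_i ^ (x_{i-1} & y_{i-1}), i.e.
    addition in which each carry moves exactly one position and never ripples,
    so every output bit depends on a fixed, small set of input bits (SIMD-friendly
    and free of data-dependent carry chains)."""
    return (x ^ y ^ ((x & y) << 1)) & mask(bits)

def add_mod(x, y, bits=64):
    return (x + y) & mask(bits)

def rotr(x, n, bits=64):
    return ((x >> n) | (x << (bits - n))) & mask(bits)

def rotl(x, n, bits=32):
    return ((x << n) | (x >> (bits - n))) & mask(bits)

def carry_free(x, y, bits=64):
    """True when no carry generated at position i-1 meets a propagate bit
    (x_i != y_i) at position i; in that case H(x, y) equals x + y mod 2^bits."""
    return ((x ^ y) & (((x & y) << 1) & mask(bits))) == 0

def exhaustive_check(bits):
    """Verify on every pair of `bits`-bit words that carry_free(x, y) implies
    H(x, y) == add_mod(x, y). Small widths keep this fast (2^(2*bits) pairs)."""
    for x in range(1 << bits):
        for y in range(1 << bits):
            if carry_free(x, y, bits) and H(x, y, bits) != add_mod(x, y, bits):
                return False
    return True

# Assumption: NORX64 rotation offsets as given in the NORX specification.
# 8 and 40 are byte-aligned; 19 and 63 are one or two bits away from 16 and 64,
# which is what the abstract's "almost byte-aligned rotations" refers to.
NORX64_ROT = (8, 19, 40, 63)

def norx_g(a, b, c, d, bits=64, rot=NORX64_ROT):
    """NORX-style G function: the ChaCha quarter-round shape, with H in place of +."""
    a = H(a, b, bits); d = rotr(a ^ d, rot[0], bits)
    c = H(c, d, bits); b = rotr(b ^ c, rot[1], bits)
    a = H(a, b, bits); d = rotr(a ^ d, rot[2], bits)
    c = H(c, d, bits); b = rotr(b ^ c, rot[3], bits)
    return a, b, c, d

def chacha_quarter_round(a, b, c, d):
    """ChaCha quarter-round (32-bit words, rotations 16/12/8/7) for contrast:
    the same ARX structure, but using addition mod 2^32."""
    a = add_mod(a, b, 32); d = rotl(d ^ a, 16)
    c = add_mod(c, d, 32); b = rotl(b ^ c, 12)
    a = add_mod(a, b, 32); d = rotl(d ^ a, 8)
    c = add_mod(c, d, 32); b = rotl(b ^ c, 7)
    return a, b, c, d

if __name__ == "__main__":
    # Constructed sample inputs.
    print("H(1, 1) =", H(1, 1), " 1 + 1 =", add_mod(1, 1))   # agree: 2 and 2
    print("H(3, 1) =", H(3, 1), " 3 + 1 =", add_mod(3, 1))   # differ: 0 vs 4
    print("carry_free(3, 1):", carry_free(3, 1))
    print("exhaustive 8-bit check:", exhaustive_check(8))
    print("NORX64 G:", [hex(w) for w in norx_g(1, 2, 3, 4)])
    print("ChaCha QR:", [hex(w) for w in chacha_quarter_round(
        0x11111111, 0x01020304, 0x9b8d6f43, 0x01234567)])
```

The practical point is visible in `H`: it is a truncated adder, so it needs no carry chain and maps onto bitwise SIMD instructions directly, yet it remains non-linear over GF(2) because of the `x & y` term. The `carry_free` condition is exactly the case where the one-step carry of `H` and the rippling carry of real addition agree, which `exhaustive_check` confirms for small word sizes.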
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Aumasson, JP., Jovanovic, P., Neves, S. (2014). NORX: Parallel and Scalable AEAD. In: Kutyłowski, M., Vaidya, J. (eds) Computer Security - ESORICS 2014. ESORICS 2014. Lecture Notes in Computer Science, vol 8713. Springer, Cham. https://doi.org/10.1007/978-3-319-11212-1_2
DOI: https://doi.org/10.1007/978-3-319-11212-1_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-11211-4
Online ISBN: 978-3-319-11212-1
eBook Packages: Computer Science (R0)