BipBip: A Low-Latency Tweakable Block Cipher with Small Dimensions

Authors

  • Yanis Belkheyar Digital Security Group, Radboud University, Nijmegen, The Netherlands
  • Joan Daemen Digital Security Group, Radboud University, Nijmegen, The Netherlands
  • Christoph Dobraunig Intel Labs, Hillsboro, USA
  • Santosh Ghosh Intel Labs, Hillsboro, USA
  • Shahram Rasoolzadeh Digital Security Group, Radboud University, Nijmegen, The Netherlands

DOI:

https://doi.org/10.46586/tches.v2023.i1.326-368

Keywords:

BipBip, low-latency, tweakable block cipher

Abstract

Recently, a memory safety concept called Cryptographic Capability Computing (C3) has been proposed. C3 is the first memory safety mechanism that works without requiring extra storage for metadata and hence, has the potential to significantly enhance the security of modern IT-systems at a rather low cost. To achieve this, C3 heavily relies on ultra-low-latency cryptographic primitives. However, the most crucial primitive required by C3 demands uncommon dimensions. To partially encrypt 64-bit pointers, a 24-bit tweakable block cipher with a 40-bit tweak is needed. The research on low-latency tweakable block ciphers with such small dimensions is not very mature. Therefore, designing such a cipher provides a great research challenge, which we take on with this paper. As a result, we present BipBip, a 24-bit tweakable block cipher with a 40-bit tweak that allows for ASIC implementations with a latency of 3 cycles at a 4.5 GHz clock frequency on a modern 10 nm CMOS technology.

Downloads

Published

2022-11-29

Issue

Section

Articles

How to Cite

BipBip: A Low-Latency Tweakable Block Cipher with Small Dimensions. (2022). IACR Transactions on Cryptographic Hardware and Embedded Systems, 2023(1), 326-368. https://doi.org/10.46586/tches.v2023.i1.326-368