Click here to close now.

SYS-CON MEDIA Authors: Plutora Blog, Bart Copeland, Andreas Grabner, Liz McMillan, Dana Gardner

News Feed Item

New Authenticated Encryption Algorithm Features Robust Resistance to Multiple Misuse

Nippon Telegraph and Telephone Corporation (TOKYO:9432) and Mitsubishi Electric Corporation (TOKYO:6503) announced today that in collaboration with the University of Fukui they have jointly developed an authenticated encryption algorithm offering robust resistance to multiple misuse. The algorithm has been entered in the Competition for Authenticated Encryption: Security, Applicability, and Robustness (CAESAR) project, based on which the algorithm is expected to be deployed for increasingly secure and reliable information technology.

The new algorithm’s major advantage is its resistance to multiple misuse in authenticated encryption operations that provide simultaneous confidentiality and integrity.

One problem of misuse is an attacker making a fake message if plaintexts are released before their integrity is verified. Once a conventional system outputs decrypted plaintext from tampered data without authentication, the attacker can show tampered data as being non-tampered. Whereas this occurs with many conventional systems, the new algorithm fixes the problem, thereby enabling relatively low-memory devices to handle large-volume data.

Another typical problem is the reuse of nonce. In the case of a common authentication algorithm called Advanced Encryption Standard with Galois Counter Mode (AES-GCM), a non-repeatable special parameter, or nonce, is required to achieve security. However, the algorithm is largely bleached if the nonce is reused, so the new algorithm fixes this problem to maintain security even after multiple reuse.

The new algorithm accepts messages longer than the 64-gigabyte limit of AES-GCM, and it works faster than AES-GCM on many platforms.

CAESAR Competition

CAESAR is a competition organized to thoroughly evaluate authenticated encryption algorithms by testing their resistance to multiple third-party cryptanalyzing attacks to prove their security, applicability and robustness. Algorithms that receive third-party cryptanalysis through CAESAR are expected to gain wide acceptance, which is why this new algorithm has been submitted to the competition. Candidate algorithms will be screened annually and the first results will be announced on January 15, 2015, with the final results to be announced on December 15, 2017.

Based on the results of the CAESAR competition, NTT and Mitsubishi Electric intend to research and develop services and products for machine-to-machine (M2M) applications incorporating their new algorithm, thereby contributing to increased security and reliability in information technology.

Background

Cryptography is widely used to establish secure and reliable information technology by encrypting data with symmetric-key cryptography. However, symmetric-key cryptography does not necessarily prove data integrity. To prove data integrity, an authentication algorithm Message Authentication Code is required to detect forgery. Conventional algorithms can achieve either confidentiality or integrity. Combining the two is possible, but presents many problems. For example, recent threats to SSL/TLS involving attacks with BEAST (2011), BREACH (2013) and Lucky Thirteen (2013) have highlighted misuse problems. Authenticated encryption offers concrete instantiations, but the method is not used widely because its benefits are not fully recognized. In addition, conventional algorithms have demonstrated certain problems with weak keys.

About Nippon Telegraph and Telephone Corporation

NTT (Nippon Telegraph and Telephone Corporation) is the world’s largest global IT and telecommunications services company and is ranked 32nd on Fortune’s Global 500 list. The company’s roots go back over 100 years to the introduction of the telegraph in Japan and focuses today on innovation in the cloud, mobility, network and communications. The company had operating revenues of over US$130 billion for the fiscal year ended March 31, 2013 and employs 227,150 people worldwide. The company’s subsidiaries include Regional Communications Businesses: NTT EAST, NTT WEST; Mobile Communications Businesses: NTT DOCOMO; Long-Distance and International Communication Businesses: NTT Communications and Dimension Data; and Data Communication Businesses: NTT DATA. For more information, visit http://www.ntt.co.jp/index_e.html

About Mitsubishi Electric Corporation

With over 90 years of experience in providing reliable, high-quality products, Mitsubishi Electric Corporation (TOKYO:6503) is a recognized world leader in the manufacture, marketing and sales of electrical and electronic equipment used in information processing and communications, space development and satellite communications, consumer electronics, industrial technology, energy, transportation and building equipment. Embracing the spirit of its corporate statement, Changes for the Better, and its environmental statement, Eco Changes, Mitsubishi Electric endeavors to be a global, leading green company, enriching society with technology. The company recorded consolidated group sales of 3,567.1 billion yen (US$ 37.9 billion*) in the fiscal year ended March 31, 2013. For more information visit http://www.MitsubishiElectric.com
*At an exchange rate of 94 yen to the US dollar, the rate given by the Tokyo Foreign Exchange Market on March 31, 2013

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
The explosion of connected devices / sensors is creating an ever-expanding set of new and valuable data. In parallel the emerging capability of Big Data technologies to store, access, analyze, and react to this data is producing changes in business models under the umbrella of the Internet of Things (IoT). In particular within the Insurance industry, IoT appears positioned to enable deep changes by altering relationships between insurers, distributors, and the insured. In his session at @Things...
PubNub on Monday has announced that it is partnering with IBM to bring its sophisticated real-time data streaming and messaging capabilities to Bluemix, IBM’s cloud development platform. “Today’s app and connected devices require an always-on connection, but building a secure, scalable solution from the ground up is time consuming, resource intensive, and error-prone,” said Todd Greene, CEO of PubNub. “PubNub enables web, mobile and IoT developers building apps on IBM Bluemix to quickly add sc...
The cloud has transformed how we think about software quality. Instead of preventing failures, we must focus on automatic recovery from failure. In other words, resilience trumps traditional quality measures. Continuous delivery models further squeeze traditional notions of quality. Remember the venerable project management Iron Triangle? Among time, scope, and cost, you can only fix two or quality will suffer. Only in today's DevOps world, continuous testing, integration, and deployment upend...
Data-intensive companies that strive to gain insights from data using Big Data analytics tools can gain tremendous competitive advantage by deploying data-centric storage. Organizations generate large volumes of data, the vast majority of which is unstructured. As the volume and velocity of this unstructured data increases, the costs, risks and usability challenges associated with managing the unstructured data (regardless of file type, size or device) increases simultaneously, including end-to-...
Sensor-enabled things are becoming more commonplace, precursors to a larger and more complex framework that most consider the ultimate promise of the IoT: things connecting, interacting, sharing, storing, and over time perhaps learning and predicting based on habits, behaviors, location, preferences, purchases and more. In his session at @ThingsExpo, Tom Wesselman, Director of Communications Ecosystem Architecture at Plantronics, will examine the still nascent IoT as it is coalescing, includin...
The excitement around the possibilities enabled by Big Data is being tempered by the daunting task of feeding the analytics engines with high quality data on a continuous basis. As the once distinct fields of data integration and data management increasingly converge, cloud-based data solutions providers have emerged that can buffer your organization from the complexities of this continuous data cleansing and management so that you’re free to focus on the end goal: actionable insight.
Between the compelling mockups and specs produced by your analysts and designers, and the resulting application built by your developers, there is a gulf where projects fail, costs spiral out of control, and applications fall short of requirements. In his session at DevOps Summit, Charles Kendrick, CTO and Chief Architect at Isomorphic Software, will present a new approach where business and development users collaborate – each using tools appropriate to their goals and expertise – to build mo...
Operational Hadoop and the Lambda Architecture for Streaming Data Apache Hadoop is emerging as a distributed platform for handling large and fast incoming streams of data. Predictive maintenance, supply chain optimization, and Internet-of-Things analysis are examples where Hadoop provides the scalable storage, processing, and analytics platform to gain meaningful insights from granular data that is typically only valuable from a large-scale, aggregate view. One architecture useful for capturing...
The Internet of Things (IoT) is causing data centers to become radically decentralized and atomized within a new paradigm known as “fog computing.” To support IoT applications, such as connected cars and smart grids, data centers' core functions will be decentralized out to the network's edges and endpoints (aka “fogs”). As this trend takes hold, Big Data analytics platforms will focus on high-volume log analysis (aka “logs”) and rely heavily on cognitive-computing algorithms (aka “cogs”) to mak...
When it comes to the Internet of Things, hooking up will get you only so far. If you want customers to commit, you need to go beyond simply connecting products. You need to use the devices themselves to transform how you engage with every customer and how you manage the entire product lifecycle. In his session at @ThingsExpo, Sean Lorenz, Technical Product Manager for Xively at LogMeIn, will show how “product relationship management” can help you leverage your connected devices and the data th...
In the consumer IoT, everything is new, and the IT world of bits and bytes holds sway. But industrial and commercial realms encompass operational technology (OT) that has been around for 25 or 50 years. This grittier, pre-IP, more hands-on world has much to gain from Industrial IoT (IIoT) applications and principles. But adding sensors and wireless connectivity won’t work in environments that demand unwavering reliability and performance. In his session at @ThingsExpo, Ron Sege, CEO of Echelon...
With several hundred implementations of IoT-enabled solutions in the past 12 months alone, this session will focus on experience over the art of the possible. Many can only imagine the most advanced telematics platform ever deployed, supporting millions of customers, producing tens of thousands events or GBs per trip, and hundreds of TBs per month. With the ability to support a billion sensor events per second, over 30PB of warm data for analytics, and hundreds of PBs for an data analytics arc...
One of the biggest impacts of the Internet of Things is and will continue to be on data; specifically data volume, management and usage. Companies are scrambling to adapt to this new and unpredictable data reality with legacy infrastructure that cannot handle the speed and volume of data. In his session at @ThingsExpo, Don DeLoach, CEO and president of Infobright, will discuss how companies need to rethink their data infrastructure to participate in the IoT, including: Data storage: Understand...
Since 2008 and for the first time in history, more than half of humans live in urban areas, urging cities to become “smart.” Today, cities can leverage the wide availability of smartphones combined with new technologies such as Beacons or NFC to connect their urban furniture and environment to create citizen-first services that improve transportation, way-finding and information delivery. In her session at @ThingsExpo, Laetitia Gazel-Anthoine, CEO of Connecthings, will focus on successful use c...
Sensor-enabled things are becoming more commonplace, precursors to a larger and more complex framework that most consider the ultimate promise of the IoT: things connecting, interacting, sharing, storing, and over time perhaps learning and predicting based on habits, behaviors, location, preferences, purchases and more. In his session at @ThingsExpo, Tom Wesselman, Director of Communications Ecosystem Architecture at Plantronics, will examine the still nascent IoT as it is coalescing, includin...