Introduction

As cloud computing and mobile computing continue to become more widely adopted, there is an ever-increasing demand for efficient transmission and storage of data. Compression is widely used in Internet-based information systems to satisfy these demands. At the same time, as our daily lives become ever more reliant upon this digital infrastructure, protecting the security and privacy of data becomes a pervasive necessity. Even when a system is built from secure cryptographic algorithms, the protection provided by these algorithms can be compromised at the system level when pre- or post-processing operations, such as compression, are used in conjunction with encryption and authentication. The two recent attacks CRIME and BREACH demonstrated that conventional techniques for combining compression and encryption are susceptible to "compression side-channel" attacks: the length of the compressed ciphertext depends on the content of the plaintext, and that length is visible to an observer. The only effective remedy is to disable compression for Secure Sockets Layer (SSL)/Transport Layer Security (TLS) and HTTPS communication, which almost 90 percent of websites have done.
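The mechanism behind the compression side channel described above can be seen in a few lines. The following is an added example, not code from the paper: it models a record that is compressed with DEFLATE and then encrypted with a length-preserving cipher (a stream cipher or AEAD mode, assumed here to add a constant 16-byte tag), and compares two plaintexts of identical length, one of which shares bytes with a constructed sample token and one of which does not. With compression enabled the on-the-wire length differs, so the length reveals something about the content; with compression disabled and block padding, the length depends only on the plaintext size, which is the remedy the text describes.

```python
import zlib

# Constructed sample token; any value would do, it is not from the paper.
SECRET = "session=s3cr3tT0k3n"

# Assumed constant per-record overhead of the authentication tag.
TAG_LEN = 16


def ciphertext_length(plaintext: bytes, compress: bool, block: int = 16) -> int:
    """Model the on-the-wire size of one encrypted record.

    compress=True : DEFLATE the plaintext, then add the tag (a stream cipher
                    or AEAD mode preserves the length of its input).
    compress=False: pad the plaintext to a multiple of `block` bytes, then add
                    the tag, so the size depends only on len(plaintext).
    """
    if compress:
        body = zlib.compress(plaintext)
    else:
        pad = block - (len(plaintext) % block)   # PKCS#7-style, always >= 1
        body = plaintext + bytes([pad]) * pad
    return len(body) + TAG_LEN


def length_leaks(secret: str, compress: bool) -> bool:
    """True if two records of equal plaintext length end up with different
    transmitted lengths, i.e. the observable length depends on content."""
    # Two equal-length fragments: one repeats part of the token, the other
    # has no repeated bytes at all (so DEFLATE cannot shorten it on its own).
    redundant = "session=s3c"
    unrelated = "qwertyuiopa"
    assert len(redundant) == len(unrelated)
    rec_a = f"{secret}&echo={redundant}".encode()
    rec_b = f"{secret}&echo={unrelated}".encode()
    return ciphertext_length(rec_a, compress) != ciphertext_length(rec_b, compress)


if __name__ == "__main__":
    for mode in (True, False):
        print(f"compression={'on ' if mode else 'off'}: "
              f"length depends on content -> {length_leaks(SECRET, mode)}")
```

Running the block prints that the length depends on content only when compression is on; the DEFLATE back-reference to the token shortens the first record by several bytes, while the padded, uncompressed records are the same size.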

Motivation

Lightweight cryptography has been investigated in the literature for over a decade. Many symmetric-key primitives such as block ciphers, stream ciphers, hash functions, and pseudorandom generators have been proposed. Recently, the National Institute of Standards and Technology (NIST) has put effort towards standardization of lightweight cryptographic algorithms. The goal of lightweight cryptography is to provide security and privacy in resource-constrained applications, embedded systems, and the Internet of Things (IoT), including Radio Frequency Identification (RFID) systems, wireless sensor networks, and vehicular ad-hoc networks.