Breaking symmetric cryptosystems using quantum period finding
Due to Shor's algorithm, quantum computers are a severe threat for public key cryptography.
This motivated the cryptographic community to search for quantum-safe solutions. On the …
General classification of the authenticated encryption schemes for the CAESAR competition
An authenticated encryption scheme is a scheme which provides privacy and integrity by
using a secret key. In 2013, CAESAR (the “Competition for Authenticated Encryption …
Counter-in-tweak: authenticated encryption modes for tweakable block ciphers
We propose the Synthetic Counter-in-Tweak (SCT) mode, which turns a tweakable
block cipher into a nonce-based authenticated encryption scheme (with associated data) …
Online authenticated-encryption and its nonce-reuse misuse-resistance
A definition of online authenticated-encryption (OAE), call it OAE1, was given by
Fleischmann, Forler, and Lucks (2012). It has become a popular definitional target because …
Nonces are noticed: AEAD revisited
We draw attention to a gap between theory and usage of nonce-based symmetric
encryption, under which the way the former treats nonces can result in violation of privacy in …
Rogue decryption failures: Reconciling AE robustness notions
An authenticated encryption scheme is deemed secure (AE) if ciphertexts both look like
random bitstrings and are unforgeable. AE is a much stronger notion than the traditional IND …
OAE-RUP: a strong online AEAD security notion and its application to SAEF
Release of unverified plaintexts (RUP) security is an important target for robustness in AE
schemes. It is also highly crucial for lightweight (LW) implementations of online AE schemes …
ZOCB and ZOTR: tweakable blockcipher modes for authenticated encryption with full absorption
We define ZOCB and ZOTR for nonce-based authenticated encryption with associated data,
and analyze their provable security. These schemes use a tweakable blockcipher (TBC) as …
Practical challenges with AES-GCM and the need for a new cipher
P Kampanakis, M Campagna, E Crocket… - The Third NIST …, 2023 - csrc.nist.gov
AWS is pleased to see the Third NIST Workshop on Block Cipher Modes of Operation 2023
which plans to address limitations of block cipher modes (SP 800-38 series). We also …
Architecture optimization and performance comparison of Nonce-Misuse-Resistant authenticated encryption algorithms
This paper presents a performance comparison of new authenticated encryption (AE)
algorithms which are aimed at providing better security and resource efficiency compared to …