Open Access

The CWC Authenticated Encryption (Associated Data) Mode

TLDR
CWC is currently the only dedicated authenticated encryption with associated data (AEAD) scheme that is simultaneously parallelizable, provably secure and patent-free, which makes it a strong candidate for use with future high-performance systems.
Abstract
We introduce CWC, a new block cipher mode of operation designed to protect both the privacy and the authenticity of encapsulated data. Important properties of CWC include:

1. Performance. CWC is parallelizable and is efficient in both hardware and software.
2. Security. CWC is provably secure and its provable security depends only on the pseudorandomness of the underlying block cipher. No other cryptographic primitives are used and no other assumptions are made.
3. Patent-free. To the best of our knowledge CWC is not covered by any patents.

CWC is currently the only dedicated authenticated encryption with associated data (AEAD) scheme that simultaneously has these three properties (e.g., CCM and EAX are not parallelizable and OCB is not patent-free). Having all three of these properties makes CWC a strong candidate for use with future high-performance systems.


Citations
Patent

Stream cipher using multiplication over a finite field of even characteristic

TL;DR: In this paper, a nonlinear substitution is performed on at least a portion of the data, wherein the substitution is achieved by multiplying the portion of data by one of the sub-keys over a finite field of even characteristic, modulo a fixed primitive polynomial.
Proceedings ArticleDOI

Practical random number generation in software

TL;DR: It is demonstrated that universal hash functions are a theoretically appealing and efficient mechanism for accumulating entropy, and it is argued that systems should provide both computational security and information theoretic security through separate interfaces.
Patent

Nonlinear feedback mode for block ciphers

TL;DR: In this paper, the plain text is divided into a plurality of plain text blocks, and each plain text block is multiplied by a preceding cipher text block over a finite field of even characteristic, modulo the primitive polynomial.

Secure and efficient coprocessor design for cryptographic applications on FPGAs

TL;DR: Dissertation submitted to obtain the degree of Doctor of Engineering Sciences by Nele MENTENS. All rights reserved. may be reproduced and/or made public by means of print, photocopy, microfilm, electronic.
Posted Content

Building Secure Cryptographic Transforms, or How to Encrypt and MAC.

TL;DR: This work describes several notions of “cryptographic transforms,” symmetric schemes designed to meet a variety of privacy and authenticity goals, and provides an analysis of possible ways to combine standard encryption and message authentication schemes in order to provably meet these goals.
References
Journal ArticleDOI

New hash functions and their use in authentication and set equality

TL;DR: Several new classes of hash functions with certain desirable properties are exhibited, and two novel applications for hashing which make use of these functions are introduced, including a provably secure authentication technique for sending messages over insecure lines and the application of testing sets for equality.
Proceedings ArticleDOI

OCB: a block-cipher mode of operation for efficient authenticated encryption

TL;DR: It is proved OCB secure, quantifying the adversary's ability to violate the mode's privacy or authenticity in terms of the quality of its block cipher as a pseudorandom permutation (PRP) or as a strong PRP, respectively.
Journal ArticleDOI

Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm

TL;DR: In this paper, the authors consider two possible notions of authenticity for authenticated encryption schemes, namely integrity of plaintexts and integrity of ciphertexts, and relate them, when coupled with IND-CPA (indistinguishability under chosen-plaintext attack), to the standard notions of privacy IND-CCA and NM-CPA, and provide proofs for the cases where the answer is "yes" and counter-examples for the answer "no".
Proceedings ArticleDOI

Authenticated-encryption with associated-data

TL;DR: This paper formalizes and investigates the authenticated-encryption with associated-data (AEAD) problem, and studies two simple ways to turn an authenticated-encryption scheme that does not support associated-data into one that does: nonce stealing and ciphertext translation.
Book ChapterDOI

The Order of Encryption and Authentication for Protecting Communications (or: How Secure Is SSL?)

TL;DR: It is shown that any secure channels protocol designed to work with any combination of secure encryption (against chosen plaintext attacks) and secure MAC must use the encrypt-then-authenticate method.