Authenticated encryption

About: Authenticated encryption is a research topic. Over the lifetime, 1328 publications have been published within this topic receiving 25968 citations. The topic is also known as: AEAD & Authenticated Encryption with Associated Data.


Papers
Journal Article
TL;DR: It is shown that the improved authenticated encryption schemes proposed by Hwang et al. are not secure by presenting another message forgery attack against these improved schemes.
Abstract: Tseng et al. proposed two efficient authenticated encryption schemes with message linkages for message flows. Hwang et al. (IEICE Trans. Inf. and Syst., Vol. E89-D, No. 4, April 2006) presented a forgery attack against these two schemes and proposed an improvement that they claim resists such attacks. In this paper, we show that the improved authenticated encryption schemes proposed by Hwang et al. are not secure by presenting another message forgery attack against these improved schemes.

6 citations

Book Chapter
23 Oct 2013
TL;DR: This paper provides an improvement over the previous security proof, by showing that EAX is unforgeable up to $O(2^{n/2})$ data with multiple verification queries, and provides some ideas to reduce the complexity of EAX while keeping the new security bound.
Abstract: EAX is a mode of operation for blockciphers to implement an authenticated encryption. The original paper of EAX proved that EAX is unforgeable up to $O(2^{n/2})$ data with one verification query. However, this generally guarantees a rather weak bound for the unforgeability under multiple verification queries, i.e., only ($2^{n/3}$) data is acceptable. This paper provides an improvement over the previous security proof, by showing that EAX is unforgeable up to $O(2^{n/2})$ data with multiple verification queries. Our security proof is based on the techniques that appeared in a paper of FSE 2013 by Minematsu et al. which studied the security of a variant of EAX called EAX-prime. We also provide some ideas to reduce the complexity of EAX while keeping our new security bound. In particular, EAX needs three blockcipher calls and keeps them in memory as a pre-processing, and our proposals can effectively reduce three calls to one call. This would be useful when computational power and memory are constrained.

6 citations

Proceedings Article
01 Aug 2018
TL;DR: In this paper, the authors present a side-channel analysis resistant hardware implementation of the whole family of authenticated encryption schemes, including Keccak, which allows both encryption and decryption modes in the same module.
Abstract: Recently the CAESAR competition has announced several finalists among the submitted authenticated encryption algorithms, after an open selection process during the last 5 years. Applications using these algorithms are rapidly increasing today. Devices implementing these applications are enormously susceptible to physical attacks, which are able to retrieve secret data through side-channel information such as the power consumption or the electromagnetic radiations. In this work we present a Side-Channel Analysis resistant hardware implementation of the whole family of authenticated encryption schemes Ketje. By changing just one parameter, any of the Ketje designs can be obtained, and tailored for different applications, either lightweight or high throughput. We introduce a new protected Keccak implementation, as well as unprotected and protected Ketje implementations, which allow both encryption and decryption modes in the same module. In order to secure these implementations we make use of the masking scheme known as Threshold Implementations and complement it with the technique of "Changing of the Guards", achieving a first-order Side-Channel Analysis protected implementation with zero extra randomness needed. This way, no dedicated PRNG needs to be additionally implemented, avoiding issues such as the security of the PRNG itself or the quality of the randomness.

6 citations

Proceedings Article
01 Dec 2018
TL;DR: This work extends an open-source evaluation platform using the CAESAR-API in a Xilinx Zynq-7000 System on Chip (SoC) with ARM processors and an AXI interface to support on-chip power measurement and dynamic frequency scaling.
Abstract: In 2013 the Competition for Authenticated Encryption: Security, Applicability, and Robustness (CAESAR) was started. It aims at determining a portfolio of ciphers for authenticated encryption that has advantages over AES-GCM in terms of performance, security, and ease of implementation. This competition, for the first time, provides a standardized hardware API, which allows a fair comparison of hardware implementations. In this work, we extend an open-source evaluation platform using the CAESAR-API in a Xilinx Zynq-7000 System on Chip (SoC) with ARM processors and an AXI interface to support on-chip power measurement and dynamic frequency scaling. We then show the applicability of our measurement setup, giving results for the CAESAR finalists and finally pointing out some bugs in the latest official reference implementations.

6 citations

Proceedings Article
27 Jul 2010
TL;DR: A combined block cipher mode of operation is presented that provides an efficient authenticated encryption with associated-data (AEAD) security service for packet-based network communication that achieves improvements in processing energy requirement, processing latency and packet throughput when benchmarked against the NIST recommended Counter with Cipher Block Chaining Message Authentication Code (CCM) scheme.
Abstract: In this paper a combined block cipher mode of operation is presented that provides an efficient authenticated encryption with associated-data (AEAD) security service for packet-based network communication. Using software simulation we show that our construct, called CYPHER-C3, achieves improvements in processing energy requirement, processing latency and packet throughput when benchmarked against the NIST recommended Counter with Cipher Block Chaining Message Authentication Code (CCM) scheme and the de facto wireless sensor network TinySec-AE scheme.

6 citations


Network Information
Related Topics (5)
Public-key cryptography
27.2K papers, 547.7K citations
90% related
Cryptography
37.3K papers, 854.5K citations
89% related
Encryption
98.3K papers, 1.4M citations
86% related
Hash function
31.5K papers, 538.5K citations
84% related
Authentication
74.7K papers, 867.1K citations
83% related
Performance Metrics
No. of papers in the topic in previous years
Year: Papers
2023: 19
2022: 52
2021: 67
2020: 109
2019: 111
2018: 97