
Authenticated encryption

About: Authenticated encryption is a research topic. Over the lifetime, 1328 publications have been published within this topic receiving 25968 citations. The topic is also known as: AEAD & Authenticated Encryption with Associated Data.


Papers
01 Jan 2007
TL;DR: A group-oriented CAE scheme with (t, n) shared verification was proposed in this article, which enables one signer to send a confidential message along with the signature to the designated group of n recipients.
Abstract: Conventional authenticated encryption (AE) schemes put emphasis on the one-to-one setting, which allows one signer to produce an authenticated ciphertext such that only the designated recipient can recover the message and verify its corresponding signature. To meet the need of diversified applications which require simultaneously fulfilling the security requirements of integrity, authenticity, confidentiality and non-repudiation, this paper presents a group-oriented convertible authenticated encryption (CAE) scheme with (t, n) shared verification. Designed mainly for the multi-user setting, the proposed scheme enables one signer to send a confidential message along with the signature to the designated group of n recipients. Any t or more of the n designated recipients can cooperatively recover the message and verify its signature, while t − 1 or fewer cannot. Moreover, in case of a later dispute over repudiation, the designated group of recipients has the ability to convert the signature into an ordinary one for convincing anyone of the signer’s dishonesty.

45 citations

Posted Content
TL;DR: The GCM-SIV scheme proposed in this article is a misuse-resistant authenticated encryption scheme based on combining the GCM building blocks into the SIV paradigm of Rogaway and Shrimpton, which has the property that if the same nonce is used to encrypt the same message twice, then the same ciphertext is obtained and so the fact that the same was encrypted is detected.
Abstract: Authenticated encryption schemes guarantee both privacy and integrity, and have become the default level of encryption in modern protocols. One of the most popular authenticated encryption schemes today is AES-GCM due to its impressive speed. The current CAESAR competition is considering new modes for authenticated encryption that will improve on existing methods. One property of importance that is being considered more today – due to multiple real-life cases of faulty sources of randomness – is that repeating nonces and IVs can have disastrous effects on security. A (full) nonce misuse-resistant authenticated encryption scheme has the property that if the same nonce is used to encrypt the same message twice, then the same ciphertext is obtained and so the fact that the same message was encrypted is detected. Otherwise, full security is obtained – even if the same nonce is used for different messages. In this paper, we present a new fully nonce misuse-resistant authenticated encryption scheme that is based on carefully combining the GCM building blocks into the SIV paradigm of Rogaway and Shrimpton. We provide a full proof of security of our scheme, and an optimized implementation using the AES-NI and PCLMULQDQ instruction sets. We compare our performance to the highly optimized OpenSSL 1.0.2 implementation of GCM and show that our nonce misuse-resistant scheme is only 14% slower on Haswell architecture and 19% slower on Broadwell architecture. On Broadwell, GCM-SIV encryption takes only 0.92 cycles per byte, and GCM-SIV decryption is exactly the same as GCM decryption taking only 0.77 cycles per byte. In addition, we compare to other optimized authenticated-encryption implementations carried out by Bogdanov et al., and conclude that our mode is very competitive. Beyond being very fast, our new mode of operation uses the same building blocks as GCM and so existing hardware and software can be utilized to easily deploy GCM-SIV. We conclude that GCM-SIV is a viable alternative to GCM, providing full nonce misuse-resistance at little cost.

45 citations

Book Chapter
07 Sep 2014
TL;DR: NORX has a unique parallel architecture based on the monkeyDuplex construction, with an original domain separation scheme for simple processing of header, payload and trailer data, and specifies a dedicated datagram to facilitate interoperability and spare users the trouble of defining custom encoding and signalling.
Abstract: This paper introduces NORX, a novel authenticated encryption scheme supporting arbitrary parallelism degree and based on ARX primitives, yet not using modular additions. NORX has a unique parallel architecture based on the monkeyDuplex construction, with an original domain separation scheme for simple processing of header, payload and trailer data. Furthermore, NORX specifies a dedicated datagram to facilitate interoperability and spare users the trouble of defining custom encoding and signalling. NORX was optimized for efficiency in both software and hardware, with a SIMD-friendly core, almost byte-aligned rotations, no secret-dependent memory lookups, and only bitwise operations. On a Haswell processor, a serial version of NORX runs at 2.51 cycles per byte. Simulations of a hardware architecture for 180 nm UMC ASIC give a throughput of approximately 10 Gbps at 125 MHz.

45 citations

Book Chapter
08 Jul 2007
TL;DR: This work presents a general method, based on the usage of typical DBMS primitives, for maintaining authenticated relational tables. It exploits techniques for representing hierarchical data structures in relational tables, together with queries that allow an efficient selection of the elements needed for authentication.
Abstract: We present a general method, based on the usage of typical DBMS primitives, for maintaining authenticated relational tables. The authentication process is managed by an application external to the DBMS, which stores just one hash value of the authentication structure. The method exploits techniques for representing hierarchical data structures in relational tables, together with queries that allow an efficient selection of the elements needed for authentication.

44 citations


Network Information
Related Topics (5)
- Public-key cryptography: 27.2K papers, 547.7K citations, 90% related
- Cryptography: 37.3K papers, 854.5K citations, 89% related
- Encryption: 98.3K papers, 1.4M citations, 86% related
- Hash function: 31.5K papers, 538.5K citations, 84% related
- Authentication: 74.7K papers, 867.1K citations, 83% related
Performance Metrics
No. of papers in the topic in previous years

Year | Papers
2023 | 19
2022 | 52
2021 | 67
2020 | 109
2019 | 111
2018 | 97