Authenticated encryption

About: Authenticated encryption is a research topic. Over the lifetime, 1328 publications have been published within this topic receiving 25968 citations. The topic is also known as: AEAD & Authenticated Encryption with Associated Data.

The CWC Authenticated Encryption (Associated Data) Mode

Abstract: We introduce CWC, a new block cipher mode of operation designed to protect both the privacy and the authenticity of encapsulated data. Important properties of CWC include: 1. Performance. CWC is parallelizable and is efficient in both hardware and software. 2. Security. CWC is provably secure and its provable security depends only on the pseu­ dorandomness of the underlying block cipher. No other cryptographic primitives are used and no other assumptions are made. 3. Patent-free. To the best of our knowledge CWC is not covered by any patents. CWC is currently the only dedicated authenticated encryption with associated data (AEAD) scheme that simultaneously has these three properties (e.g., CCM and EAX are not parallelizable and OCB is not patent-free). Having all three of these properties makes CWC a strong candidate for use with future high-performance systems.

DiSE: Distributed Symmetric-key Encryption

Abstract: Threshold cryptography provides a mechanism for protecting secret keys by sharing them among multiple parties, who then jointly perform cryptographic operations. An attacker who corrupts up to a threshold number of parties cannot recover the secrets or violate security. Prior works in this space have mostly focused on definitions and constructions for public-key cryptography and digital signatures, and thus do not capture the security concerns and efficiency challenges of symmetric-key based applications which commonly use long-term (unprotected) master keys to protect data at rest, authenticate clients on enterprise networks, and secure data and payments on IoT devices. We put forth the first formal treatment for distributed symmetric-key encryption, proposing new notions of correctness, privacy and authenticity in presence of malicious attackers. We provide strong and intuitive game-based definitions that are easy to understand and yield efficient constructions. We propose a generic construction of threshold authenticated encryption based on any distributed pseudorandom function (DPRF). When instantiated with the two different DPRF constructions proposed by Naor, Pinkas and Reingold (Eurocrypt 1999) and our enhanced versions, we obtain several efficient constructions meeting different security definitions. We implement these variants and provide extensive performance comparisons. Our most efficient instantiation uses only symmetric-key primitives and achieves a throughput of upto 1 million encryptions/decryptions per seconds, or alternatively a sub-millisecond latency with upto 18 participating parties.

Automated Analysis and Synthesis of Authenticated Encryption Schemes

Abstract: Authenticated encryption (AE) schemes are symmetric-key encryption schemes ensuring strong notions of confidentiality and integrity. Although various AE schemes are known, there remains significant interest in developing schemes that are more efficient, meet even stronger security notions (e.g., misuse-resistance), or satisfy certain non-cryptographic properties (e.g., being patent-free). We present an automated approach for analyzing and synthesizing blockcipher-based AE schemes, significantly extending prior work by Malozemoff et al. (CSF 2014) who synthesize encryption schemes satisfying confidentiality only. Our main insight is to restrict attention to a certain class of schemes that is expressive enough to capture several known constructions yet also admits automated reasoning about security. We use our approach to generate thousands of AE schemes with provable security guarantees, both known (e.g., variants of OCB and CCM) and new. Implementing two of these new schemes, we find their performance competitive with state-of-the-art AE schemes.

Comparison of Authenticated-Encryption schemes in Wireless Sensor Networks

Abstract: Security is an important concern in any modern network. This also applies to Wireless Sensor Networks (WSNs), especially those used in applications that monitor sensitive information (e.g., health care applications). However, the highly constrained nature of sensors impose a difficult challenge: their reduced availability of memory, processing power and energy hinders the deployment of many modern cryptographic algorithms considered secure. For this reason, the choice of the most memory-, processing- and energy-efficient security solutions is of vital importance in WSNs. To date, several authors have developed extensive analyses comparing different encryption algorithms and key management schemes, while very little attention has been given to message authentication mechanisms. In this paper, we address this issues by identifying Authenticated Encryption with Associated Data (AEAD) schemes suitable for WSNs and by evaluating their features and performance on TelosB sensor nodes. As a result of this analysis, we identify the recommended choices depending on the characteristics of the target network.