Authenticated encryption

About: Authenticated encryption is a research topic. Over the lifetime, 1328 publications have been published within this topic receiving 25968 citations. The topic is also known as: AEAD & Authenticated Encryption with Associated Data.

An Efficient Authenticated Encryption Scheme With Message Linkages and Low Communication Costs

Abstract: An efficient authenticated encryption scheme with message linkages is proposed. For achieving both privacy and integrity in data communications, the proposed scheme requires smaller bandwidth and computational time when compared to previously pro- posed authenticated encryption schemes with message linkages. Moreover, the proposed scheme allows the verifier to recover and verify the message blocks simultaneously, and hence, the message recovery phase could be speeded up. The security of the proposed scheme is based on the authenticated encryption scheme as well as the one-way hash cryptographic function assumption.

Anonymous Multi-Receiver Identity-Based Authenticated Encryption with CCA Security

Abstract: In a multi-receiver encryption system, a sender chooses a set of authorized receivers and sends them a message securely and efficiently, as the message is well encrypted and only one ciphertext corresponding to the message is generated no matter how many receivers the sender has chosen. It can be applied to video conferencing systems, pay-per-view channels, remote education, and so forth. Due to privacy considerations, an authorized receiver may not expect that his identity is revealed. In 2010, anonymous multi-receiver identity-based (ID-based) encryption was first discussed, and furthermore, many works on the topic have been presented so far. Unfortunately, we find that all of those schemes fail to prove the chosen ciphertext attacks (CCA) security in either confidentiality or anonymity. In this manuscript, we propose the first anonymous multi-receiver ID-based authenticated encryption scheme with CCA security in both confidentiality and anonymity. In the proposed scheme, the identity of the sender of a ciphertext can be authenticated by the receivers after a successful decryption. In addition, the proposed scheme also is the first CCA-secure one against insider attacks. Moreover, only one pairing computation is required in decryption.

Leaked-State-Forgery Attack Against The Authenticated Encryption Algorithm ALE.

Abstract: ALE is a new authenticated encryption algorithm published at FSE 2013. The authentication component of ALE is based on the strong Pelican MAC, and the authentication security of ALE is claimed to be 128-bit. In this paper, we propose the leaked-state-forgery attack (LSFA) against ALE by exploiting the state information leaked from the encryption of ALE. The LSFA is a new type of differential cryptanalysis in which part of the state information is known and exploited to improve the differential probability. Our attack shows that the authentication security of ALE is only 97-bit. And the results may be further improved to around 93-bit if the whitening key layer is removed. We implemented our attacks against a small version of ALE (using 64-bit block size instead of 128-bit block size). The experimental results match well with the theoretical results.

Encryption system using device authentication keys

Abstract: An encrypted data distributing method includes preparing cipher text which can be decrypted only by a specific trusted device, and performing encryption and decryption processing at a high speed. An encryption key is prepared using an encryption device authentication key unique to an encryption device and a decryption device authentication key unique to a decryption device, and cipher text is prepared by this encryption key. The authentication keys are also sent to the decryption device. In the decryption device, the decryption device authentication key received from the encryption device is compared with the decryption device authentication key prepared by the decryption device to perform decryption processing only when the authentication keys match.

TriviA: A Fast and Secure Authenticated Encryption Scheme

Abstract: In this paper, we propose a new hardware friendly authenticated encryption (AE) scheme \({\textsf {TriviA}}\) based on (i) a stream cipher for generating keys for the ciphertext and the tag, and (ii) a pairwise independent hash to compute the tag. We have adopted one of the ISO-standardized stream ciphers for lightweight cryptography, namely Trivium, to obtain our underlying stream cipher. This new stream cipher has a state that is a little larger than the state of Trivium to accommodate a 128-bit secret key and IV. Our pairwise independent hash is also an adaptation of theEHC or “Encode-Hash-Combine” hash, that requires the optimum number of field multiplications and hence requires small hardware footprint. We have implemented the design in synthesizable RTL. Pre-layout synthesis, using 65 nm standard cell technology under typical operating conditions, reveals that \({\textsf {TriviA}}\) is able to achieve a high throughput of 91.2 Gbps for an area of 24.4 KGE. We prove that our construction has at least 128-bit security for privacy and 124-bit security of authenticity under the assumption that the underlying stream cipher produces a pseudorandom bit stream.