
Authenticated encryption

About: Authenticated encryption is a research topic. Over the lifetime, 1328 publications have been published within this topic receiving 25968 citations. The topic is also known as: AEAD & Authenticated Encryption with Associated Data.


Papers
Journal Article
TL;DR: The notion of Dual-server Public-key Authenticated Encryption with Keyword Search (DPAEKS) is defined, which protects against IKGA by leveraging two servers that do not cooperate, and supports the authentication property.
Abstract: In cloud storage, how to search sensitive data efficiently and securely is a challenging problem. The searchable encryption technique provides a secure storage method without loss of data confidentiality and utilization. As an important branch of searchable encryption, public-key encryption with keyword search (PEKS) is widely studied by scholars. However, most of the traditional PEKS schemes are vulnerable to the inside keyword guessing attack (IKGA) or some other weaknesses. Resisting the inside keyword guessing attack is likely to become a must-have property of all new PEKS schemes. For a long time, mitigating IKGA has been inefficient and difficult, and thus most existing PEKS schemes fail in achieving their security goals. To improve the security and efficiency of PEKS, we define the notion of Dual-server Public-key Authenticated Encryption with Keyword Search (DPAEKS), which protects against IKGA with high computation efficiency, and supports the authentication property. Then, we provide a construction of DPAEKS without bilinear pairings, which is secure against IKGA by leveraging two servers that do not cooperate. Experimental results obtained using a real-world dataset show that our scheme is highly efficient and provides strong security, making it suitable for deployment in practical applications.

21 citations

Book Chapter
19 May 2019
TL;DR: nEHtM, a nonce-based variant of EHtM (FSE-10) constructed using a block cipher, has a beyond birthday bound (BBB) unforgeable security that gracefully degrades under nonce misuse, and is combined with the CENC mode of encryption using the EtM paradigm to realize a nonce-based AE, CWC+.
Abstract: Encrypt-then-MAC (EtM) is a popular mode for authenticated encryption (AE). Unfortunately, almost all designs following the EtM paradigm, including the AE suites for TLS, are vulnerable against nonce misuse. A single repetition of the nonce value reveals the hash key, leading to a universal forgery attack. There are only two authenticated encryption schemes following the EtM paradigm which can resist nonce misuse attacks, the GCM-RUP (CRYPTO-17) and the \(\mathsf {GCM/2}^{+} \) (INSCRYPT-12). However, they are secure only up to the birthday bound in the nonce respecting setting, resulting in a restriction on the data limit for a single key. In this paper we show that nEHtM, a nonce-based variant of EHtM (FSE-10) constructed using a block cipher, has a beyond birthday bound (BBB) unforgeable security that gracefully degrades under nonce misuse. We combine nEHtM with the CENC (FSE-06) mode of encryption using the EtM paradigm to realize a nonce-based AE, CWC+. CWC+ is very close (requiring only a few more xor operations) to the CWC AE scheme (FSE-04) and it not only provides BBB security but also gracefully degrading security on nonce misuse.

21 citations

Patent
15 Sep 2010
TL;DR: In this article, an authenticated encryption method of a public key and a digital signature method is presented, which adopts a multivariable public key password system as a main body part, is combined with a Hash function authentication technology and provides double safety protection.
Abstract: The invention relates to the technical field of information safety and particularly discloses an authenticated encryption method of a public key and a digital signature method. The invention adopts a multivariable public key password system as a main body part, is combined with a Hash function authentication technology and provides double safety protection by efficiently compounding the multivariable public key password system and the Hash function authentication technology. When applying the scheme to carry out encryption or digital signature, the invention has the advantages of high realization efficiency, no need for a password algorithm coprocessor, high safety, impact resistance of a quantum computer and the like, and has more superiority in the safety field of intelligent cards, wireless sensing networks and the like compared with the traditional public key encryption algorithms such as RSA (Rivest-Shamir-Adleman), ECC (Elliptic Curve Crypto) and the like. The methods can be widely applied to the field of information safety systems of network safety, electronic commerce, bill, identity authentication and the like.

21 citations

Journal Article
TL;DR: A new 128-bit chaos-based AEAD scheme based on the single-key Even-Mansour and Type-II generalized Feistel structure, which has multiple advantages over AES-GCM, which is the current standard for authenticated encryption.
Abstract: In recent years, there has been a rising interest in authenticated encryption with associated data (AEAD) which combines encryption and authentication into a unified scheme. AEAD schemes provide authentication for a message that is divided into two parts: associated data which is not encrypted and the plaintext which is encrypted. However, there is a lack of chaos-based AEAD schemes in recent literature. This paper introduces a new 128-bit chaos-based AEAD scheme based on the single-key Even-Mansour and Type-II generalized Feistel structure. The proposed scheme provides both privacy and authentication in a single-pass using only one 128-bit secret key. The chaotic tent map is used to generate whitening keys for the Even-Mansour construction, round keys, and random s-boxes for the Feistel round function. In addition, the proposed AEAD scheme can be implemented with true random number generators to map a message to multiple possible ciphertexts in a nondeterministic manner. Security and statistical evaluation indicate that the proposed scheme is highly secure for both the ciphertext and the authentication tag. Furthermore, it has multiple advantages over AES-GCM which is the current standard for authenticated encryption.

21 citations

Journal Article
15 Apr 2014
TL;DR: Standard AE algorithms, classic security models' shortcomings for AE algorithms, and related attacks are discussed.
Abstract: Wondering whether researchers have a cryptographic tool able to provide both confidentiality (privacy) and integrity (authenticity) of a message? They do: authenticated encryption (AE), a symmetric-key mechanism that transforms a message into a ciphertext. This article discusses standard AE algorithms, classic security models' shortcomings for AE algorithms, and related attacks. Motivated by these attacks, the crypto community started CAESAR (Competition for Authenticated Encryption: Security, Applicability, and Robustness) to promote the development of next-generation AE algorithms.

20 citations


Related Topics (5)
Public-key cryptography: 27.2K papers, 547.7K citations, 90% related
Cryptography: 37.3K papers, 854.5K citations, 89% related
Encryption: 98.3K papers, 1.4M citations, 86% related
Hash function: 31.5K papers, 538.5K citations, 84% related
Authentication: 74.7K papers, 867.1K citations, 83% related

No. of papers in the topic in previous years
Year  Papers
2023  19
2022  52
2021  67
2020  109
2019  111
2018  97