scispace - formally typeset
Topic

Authenticated encryption

About: Authenticated encryption is a research topic. Over the lifetime, 1328 publications have been published within this topic receiving 25968 citations. The topic is also known as: AEAD & Authenticated Encryption with Associated Data.


Papers
Journal Article
TL;DR: This paper proposes a new and efficient PAEKS scheme, which uses the idea of Diffie-Hellman key agreement to generate a shared secret key between each sender and receiver, and proves that the scheme is semantically secure against inside keyword guessing attacks in a multiuser setting, under the oracle Diffie-Hellman assumption.
Abstract: In recent years, it has become popular to upload patients' medical data to a third-party cloud server (TCS) for storage through the medical Internet of Things. This can reduce the local maintenance burden of the medical data and, importantly, improve accuracy in medical treatment. As a remote TCS cannot be fully trusted, medical data should be encrypted before uploading to protect patients' privacy. However, encryption makes search difficult for patients and doctors. To address this issue, Huang et al. recently put forward the notion of Public-key Authenticated Encryption with Keyword Search (PAEKS) against inside keyword guessing attacks. However, the existing PAEKS schemes rely on time-consuming pairing computations. Moreover, some PAEKS schemes still have security issues in a multiuser setting. In this paper, we propose a new and efficient PAEKS scheme, which uses the idea of Diffie-Hellman key agreement to generate a shared secret key between each sender and receiver. The shared key is used by the sender to encrypt keywords and by the receiver to generate search trapdoors. We prove that our scheme is semantically secure against inside keyword guessing attacks in a multiuser setting, under the oracle Diffie-Hellman assumption. Experimental results demonstrate that our PAEKS scheme is more efficient than previous ones, especially in terms of keyword searching time.

18 citations

Proceedings Article, 20 Jun 2008
TL;DR: A new lightweight authenticated encryption mechanism based on the Rabbit stream cipher, referred to as Rabbit-MAC, is proposed for wireless sensor networks (WSNs); it fulfils the requirements of both security and energy efficiency.
Abstract: In this paper, we propose a new lightweight authenticated encryption mechanism based on the Rabbit stream cipher, referred to as Rabbit-MAC, for wireless sensor networks (WSNs) that fulfils the requirements of both security and energy efficiency. Our proposed scheme provides data authentication, confidentiality and integrity in WSNs. We construct a Rabbit-based MAC function, which can be used for data authentication and data integrity. Our proposed security protocol is ideal for resource-constrained WSNs, and can be widely used in secure-communication applications where the communicating nodes have limited processing and storage capabilities while still requiring sufficient levels of security. The features of the Rabbit-MAC scheme suggest that this particular scheme may be more efficient than existing schemes in terms of security and resource consumption.

18 citations

Book Chapter, 04 Dec 2016
TL;DR: A formal definition for the notion of nonce-based variable-stretch AE (nvAE) as a natural extension to the traditional nAE model and a second modular approach to formalizing the goal by combining the nAE notion and a new property the authors call key-equivalent separation by stretch (kess).
Abstract: In conventional authenticated-encryption (AE) schemes, the ciphertext expansion, a.k.a. stretch or tag length, is a constant or a parameter of the scheme that must be fixed per key. However, using variable-length tags per key can be desirable in practice or may occur as a result of a misuse. The RAE definition by Hoang, Krovetz, and Rogaway (Eurocrypt 2015), aiming at the best-possible AE security, supports variable stretch among other strong features, but achieving the RAE goal incurs a particular inefficiency: neither encryption nor decryption can be online. The problem of enhancing the well-established nonce-based AE (nAE) model and the standard schemes thereof to support variable tag lengths per key, without sacrificing any desirable functional and efficiency properties such as online encryption, has recently regained interest as evidenced by extensive discussion threads on the CFRG forum and the CAESAR competition. Yet there is a lack of formal definition for this goal. First, we show that several recently proposed heuristic measures trying to augment the known schemes by inserting the tag length into the nonce and/or associated data fail to deliver any meaningful security in this setting. Second, we provide a formal definition for the notion of nonce-based variable-stretch AE (nvAE) as a natural extension to the traditional nAE model. Then, we proceed by showing a second modular approach to formalizing the goal by combining the nAE notion and a new property we call key-equivalent separation by stretch (kess). It is proved that (after a mild adjustment to the syntax) any nAE scheme which additionally fulfills the kess property will achieve the nvAE goal. Finally, we show that the nvAE goal is efficiently and provably achievable; for instance, by simple tweaks to off-the-shelf schemes such as OCB.

18 citations

Journal Article
TL;DR: Ma and Chen have proposed an authenticated encryption scheme with public verifiability which claims that the TTP can publicly verify the sender's signature without running a zero knowledge proof protocol.
Abstract: Ma and Chen have proposed an authenticated encryption scheme with public verifiability. The scheme claims that the TTP can publicly verify the sender's signature without running a zero knowledge proof protocol. The problem in verification which causes the TTP to reject a valid signature with non-negligible probability is pointed out.

18 citations

Book Chapter, 07 Dec 2020
TL;DR: The authors present generalized solutions to parallel block cipher rekeying that, for the first time, achieve security beyond the birthday bound in the block size n; fresh rekeying is an efficient way to achieve side-channel protection.
Abstract: Fresh rekeying is a well-established method to protect a primitive or mode against side-channel attacks: an easy to protect but cryptographically not so involved function generates a subkey from the master key, and this subkey is then used for the block encryption of a single or a few messages. It is an efficient way to achieve side-channel protection, but current solutions only achieve birthday bound security in the block size of the cipher and thus halve its security (except if more involved primitives are employed). We present generalized solutions to parallel block cipher rekeying that, for the first time, achieve security beyond the birthday bound in the block size n. The first solution involves, next to the subkey generation, one multiplication and the core block cipher call and achieves \(2^{2n/3}\) security. The second solution makes two block cipher calls, and achieves optimal \(2^n\) security. Our third solution uses a slightly larger subkey generation function but requires no adaptations to the core encryption and also achieves optimal security. The construction seamlessly generalizes to permutation based fresh rekeying. Central to our schemes is the observation that fresh rekeying and generic tweakable block cipher design are two very related topics, and we can take lessons from the advanced results in the latter to improve our understanding and development of the former. We subsequently use these rekeying schemes in a constructive manner to deliver three authenticated encryption modes that achieve beyond birthday bound security and are easy to protect against side-channel attacks.

18 citations


Network Information
Related Topics (5):
- Public-key cryptography: 27.2K papers, 547.7K citations, 90% related
- Cryptography: 37.3K papers, 854.5K citations, 89% related
- Encryption: 98.3K papers, 1.4M citations, 86% related
- Hash function: 31.5K papers, 538.5K citations, 84% related
- Authentication: 74.7K papers, 867.1K citations, 83% related
Performance Metrics
Number of papers in the topic in previous years:

Year    Papers
2023    19
2022    52
2021    67
2020    109
2019    111
2018    97