Topic
Authenticated encryption
About: Authenticated encryption is a research topic. Over the lifetime, 1328 publications have been published within this topic receiving 25968 citations. The topic is also known as: AEAD & Authenticated Encryption with Associated Data.
Papers published on a yearly basis
Papers
More filters
26 Jun 2011
TL;DR: The Hummingbird-2 algorithm, its design and security arguments, performance analysis on both software and hardware platforms, and timing analysis in relation to the ISO 18000-6C protocol are presented.
Abstract: Hummingbird-2 is an encryption algorithm with a 128-bit secret key and a 64-bit initialization vector. Hummingbird-2 optionally produces an authentication tag for each message processed. Like it's predecessor Hummingbird-1, Hummingbird-2 has been targeted for low-end microcontrollers and for hardware implementation in lightweight devices such as RFID tags and wireless sensors. Compared to the previous version of the cipher, and in response to extensive analysis, the internal state has been increased to 128 bits and a flow of entropy from the state to the mixing function has been improved. In this paper we present the Hummingbird-2 algorithm, its design and security arguments, performance analysis on both software and hardware platforms, and timing analysis in relation to the ISO 18000-6C protocol.
155 citations
TL;DR: A certificateless public key authenticated encryption with keyword search scheme is proposed, which is provably secure against inside keyword guessing attack (IKGA) and demonstrates that it is more secure and effective compared with other certificatelesspublic key encryption with keywords search schemes.
Abstract: Industrial Internet of Things (IIoT) integrates various types of intelligent terminals, mobile devices, and communication technologies to enable the upgrade of traditional industries to intelligent industries. IIoT relies on the powerful data processing capabilities of cloud computing to reduce the cost of various on-demand services as per the requirements of users. However, the privacy and confidentiality of the outsourced data should be protected in this environment because the data are typically “handled” by a third-party service provider. An encryption technique can guarantee the confidentiality of the data but it limits data retrieval due to its innate “all-or-nothing” decryption feature. To apply encryption to privacy-preserving data retrieval, many public key encryption techniques with keyword search systems have been proposed in the literature. However, most of the existing schemes are vulnerable to inside keyword guessing attack (IKGA), which is caused by a small keyword space. To address this problem, we propose a certificateless public key authenticated encryption with keyword search scheme, which is provably secure against IKGA. A performance analysis of the proposed scheme demonstrates that it is more secure and effective compared with other certificateless public key encryption with keyword search schemes.
153 citations
04 Dec 2011
TL;DR: It is shown that when tags are longer, the TLS Record Protocol meets a new length-hiding authenticated encryption security notion that is stronger than IND-CCA.
Abstract: We analyze the security of the TLS Record Protocol, a MAC-then-Encode-then-Encrypt (MEE) scheme whose design targets confidentiality and integrity for application layer communications on the Internet. Our main results are twofold. First, we give a new distinguishing attack against TLS when variable length padding and short (truncated) MACs are used. This combination will arise when standardized TLS 1.2 extensions (RFC 6066) are implemented. Second, we show that when tags are longer, the TLS Record Protocol meets a new length-hiding authenticated encryption security notion that is stronger than IND-CCA.
147 citations
30 Aug 2009
TL;DR: In this paper, the authors present a bitsliced implementation of AES encryption in counter mode for 64-bit Intel processors, running at 7.59 cycles/byte on a Core 2, up to 25% faster than previous implementations.
Abstract: We present a bitsliced implementation of AES encryption in counter mode for 64-bit Intel processors. Running at 7.59 cycles/byte on a Core 2, it is up to 25% faster than previous implementations, while simultaneously offering protection against timing attacks. In particular, it is the only cache-timing-attack resistant implementation offering competitive speeds for stream as well as for packet encryption: for 576-byte packets, we improve performance over previous bitsliced implementations by more than a factor of 2. We also report more than 30% improved speeds for lookup-table based Galois/Counter mode authentication, achieving 10.68 cycles/byte for authenticated encryption. Furthermore, we present the first constant-time implementation of AES-GCM that has a reasonable speed of 21.99 cycles/byte, thus offering a full suite of timing-analysis resistant software for authenticated encryption.
145 citations
14 Aug 2013
TL;DR: AEGIS as discussed by the authors uses five AES round functions to process a 16-byte message block one step; AES-256 uses six AES round function rounds for 256-byte messages.
Abstract: This paper introduces a dedicated authenticated encryption algorithm AEGIS; AEGIS allows for the protection of associated data which makes it very suitable for protecting network packets. AEGIS-128 uses five AES round functions to process a 16-byte message block one step; AES-256 uses six AES round functions. The security analysis shows that both algorithms offer a high level of security. On the Intel Sandy Bridge Core i5 processor, the speed of AEGIS is around 0.7i¾?clock cycles/byte cpb for 4096-byte messages. This is comparable in speed to the CTR mode that offers only encryption and substantially faster than the CCM, GCM and OCB modes.
133 citations