CMCC: Misuse Resistant Authenticated Encryption with Minimal Ciphertext Expansion
نویسندگان
چکیده
منابع مشابه
CMCC: Misuse Resistant Authenticated Encryption with Minimal Ciphertext Expansion
In some wireless environments, minimizing the size of messages is paramount due to the resulting significant energy savings. We present CMCC, an authenticated encryption scheme with associated data (AEAD) that is also nonce misuse resistant. The main focus for this work is minimizing ciphertext expansion, especially for short messages including plaintext lengths less than the underlying block c...
متن کاملLeakage-Resilient and Misuse-Resistant Authenticated Encryption
Leakage-resilience and misuse-resistance are two important properties for the deployment of authenticated encryption schemes. They aim at mitigating the impact of implementation flaws due to side-channel leakages and misused randomness. In this paper, we discuss their interactions and incompatibilities. For this purpose, we first show a generic composition mode of a MAC with an encryption schem...
متن کاملELmE: A Misuse Resistant Parallel Authenticated Encryption
The authenticated encryptions which resist misuse of initial value (or nonce) at some desired level of privacy are two-pass or Macthen-Encrypt constructions (inherently inefficient but provide full privacy) and online constructions, e.g., McOE, sponge-type authenticated encryptions (such as duplex, AEGIS) and COPA. Only the last one is almost parallelizable with some bottleneck in processing as...
متن کاملLinking Online Misuse-Resistant Authenticated Encryption and Blockwise Attack Models
Real-world applications of authenticated encryption often require the encryption to be computable online, e.g. to compute the ith block of ciphertext after having processed the first i blocks of plaintext. A significant line of research was dedicated to identifying security notions for online authenticated encryption schemes, that capture various security goals related to real-life scenarios. F...
متن کاملAuthenticated and Misuse-Resistant Encryption of Key-Dependent Data
This paper provides a comprehensive treatment of the security of authenticated encryption (AE) in the presence of key-dependent data, considering the four variants of the goal arising from the choice of universal nonce or random nonce security and presence or absence of a header. We present attacks showing that universal-nonce security for key-dependent messages is impossible, as is security fo...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Cryptography
سال: 2018
ISSN: 2410-387X
DOI: 10.3390/cryptography2040042