Linking Online Misuse-Resistant Authenticated Encryption and Blockwise Attack Models
نویسندگان
چکیده
منابع مشابه
Linking Online Misuse-Resistant Authenticated Encryption and Blockwise Attack Models
Real-world applications of authenticated encryption often require the encryption to be computable online, e.g. to compute the ith block of ciphertext after having processed the first i blocks of plaintext. A significant line of research was dedicated to identifying security notions for online authenticated encryption schemes, that capture various security goals related to real-life scenarios. F...
متن کاملLeakage-Resilient and Misuse-Resistant Authenticated Encryption
Leakage-resilience and misuse-resistance are two important properties for the deployment of authenticated encryption schemes. They aim at mitigating the impact of implementation flaws due to side-channel leakages and misused randomness. In this paper, we discuss their interactions and incompatibilities. For this purpose, we first show a generic composition mode of a MAC with an encryption schem...
متن کاملELmE: A Misuse Resistant Parallel Authenticated Encryption
The authenticated encryptions which resist misuse of initial value (or nonce) at some desired level of privacy are two-pass or Macthen-Encrypt constructions (inherently inefficient but provide full privacy) and online constructions, e.g., McOE, sponge-type authenticated encryptions (such as duplex, AEGIS) and COPA. Only the last one is almost parallelizable with some bottleneck in processing as...
متن کاملAuthenticated and Misuse-Resistant Encryption of Key-Dependent Data
This paper provides a comprehensive treatment of the security of authenticated encryption (AE) in the presence of key-dependent data, considering the four variants of the goal arising from the choice of universal nonce or random nonce security and presence or absence of a header. We present attacks showing that universal-nonce security for key-dependent messages is impossible, as is security fo...
متن کاملOnline Authenticated-Encryption and its Nonce-Reuse Misuse-Resistance
A definition of online authenticated-encryption (OAE), call it OAE1, was given by Fleischmann, Forler, and Lucks (2012). It has become a popular definitional target because, despite allowing encryption to be online, security is supposed to be maintained even if nonces get reused. We argue that this expectation is effectively wrong. OAE1 security has also been claimed to capture best-possible se...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: IACR Transactions on Symmetric Cryptology
سال: 2017
ISSN: 2519-173X
DOI: 10.46586/tosc.v2016.i2.125-144