The Poly1305-AES Message-Authentication Code
نویسنده
چکیده
Poly1305-AES is a state-of-the-art message-authentication code suitable for a wide variety of applications. Poly1305-AES computes a 16-byte authenticator of a variable-length message, using a 16-byte AES key, a 16-byte additional key, and a 16-byte nonce. The security of Poly1305-AES is very close to the security of AES; the security gap is at most 14DdL/16e/2 if messages have at most L bytes, the attacker sees at most 2 authenticated messages, and the attacker attempts D forgeries. Poly1305-AES can be computed at extremely high speed: for example, fewer than 3.625(` + 170) Athlon cycles for an `-byte message. This speed is achieved without precomputation; consequently, 1000 keys can be handled simultaneously without cache misses. Special-purpose hardware can compute Poly1305-AES at even higher speed. Poly1305AES is parallelizable, incremental, and not subject to any intellectualproperty claims.
منابع مشابه
Boosting Authenticated Encryption Robustness with Minimal Modifications
Secure and highly efficient authenticated encryption (AE) algorithms which achieve data confidentiality and authenticity in the symmetric-key setting have existed for well over a decade. By all conventional measures, AES-OCB seems to be the AE algorithm of choice on any platform with AES-NI: it has a proof showing it is secure assuming AES is, and it is one of the fastest out of all such algori...
متن کاملMessage Authentication on 64-Bit Architectures
This paper introduces VMAC, a message authentication algorithm (MAC) optimized for high performance in software on 64-bit architectures. On the Athlon 64 processor, VMAC authenticates 2KB cache-resident messages at a cost of about 0.5 CPU cycles per message byte (cpb) — significantly faster than other recent MAC schemes such as UMAC (1.0 cpb) and Poly1305 (3.1 cpb). VMAC is a MAC in the Wegman-...
متن کاملAES-CCM Cipher Suites for Transport Layer Security (TLS)
This memo describes the use of the Advanced Encryption Standard (AES) in the Counter with Cipher Block Chaining Message Authentication Code (CBC-MAC) Mode (CCM) of operation within Transport Layer Security (TLS) and Datagram TLS (DTLS) to provide confidentiality and data origin authentication. The AES-CCM algorithm is amenable to compact implementations, making it suitable for constrained envir...
متن کاملRFC 4493 The AES - CMAC Algorithm
The National Institute of Standards and Technology (NIST) has recently specified the Cipher-based Message Authentication Code (CMAC), which is equivalent to the One-Key CBC MAC1 (OMAC1) submitted by Iwata and Kurosawa. This memo specifies an authentication algorithm based on CMAC with the 128-bit Advanced Encryption Standard (AES). This new authentication algorithm is named AES-CMAC. The purpos...
متن کاملA Combined Method for Confidentiality, Integrity, Availability and Authentication (CMCIAA)
--This paper introduces a single method that ensures the Confidentiality, Integrity, Availability and Authentication of the message to be transmitted. Message is encrypted by the latest symmetric encryption standard called AES (Advanced Encryption Standard). A new method for calculating MAC (Message Authentication Code) based on the shared secret key used in AES, is proposed that proves the mes...
متن کامل