Parallelizable Authenticated Encryption from Functions

PAEQ: Parallelizable Permutation-based Authenticated Encryption (Full Version)

We propose a new authenticated encryption scheme PAEQ, which employs a fixed public permutation. In contrast to the recent sponge-based proposals, our scheme is fully parallelizable. It also allows flexible key and nonce length, and is one of the few which achieves 128-bit security for both confidentiality and data authenticity with the same key length. The permutation within PAEQ is a new desi...

Comments to NIST concerning AES Modes of Operation: OCB Mode: Parallelizable Authenticated Encryption

This note describes a parallelizable block-cipher mode of operation that simultaneously provides privacy and authenticity. It does this using only djM j=ne + 2 block cipher invocations. Here M is the plaintext (an arbitrary bit string) and n is the block length. The scheme refines one recently suggested by Jutla [Ju00].

PAES v1: Parallelizable Authenticated Encryption Schemes based on AES Round Function

Parallelizable Rate-1 Authenticated Encryption from Pseudorandom Functions

This paper proposes a new scheme for authenticated encryption (AE) which is typically realized as a blockcipher mode of operation. The proposed scheme has attractive features for fast and compact operation. When it is realized with a blockcipher, it requires one blockcipher call to process one input block (i.e. rate-1), and uses the encryption function of the blockcipher for both encryption and...

COBRA: A Parallelizable Authenticated Online Cipher Without Block Cipher Inverse

We present a new, misuse-resistant scheme for online authenticated encryption, following the framework set forth by Fleischmann et al. (FSE 2012). Our scheme, COBRA, is roughly as efficient as the GCM mode of operation for nonce-based authenticated encryption, performing one block cipher call plus one finite field multiplication per message block in a parallelizable way. The major difference fr...