In Blockwise On-line Encryption, encryption and decryption return an output block as soon as the next input block is received. In this paper, we introduce Authenticated Streamwise Online Encryption (ASOE), which operates on plaintexts and ciphertexts as streams of arbitrary length (as opposed to fixed-sized blocks), and thus significantly reduces message expansion and end-to-end latency. Also, ...

This work pursues the idea of multi-forgery attacks as introduced by Ferguson in 2002. We recoin reforgeability for the complexity of obtaining further forgeries once a first forgery has succeeded. First, we introduce a security notion for the integrity (in terms of reforgeability) of authenticated encryption schemes: j-Int-CTXT, which is derived from the notion INT-CTXT. Second, we define an a...

In [3] Al-Riyami and Paterson introduced the notion of “Certificateless Public Key Cryptography” and presented an instantiation. In this paper, we revisit the formulation of certificateless public key encryption and construct a more efficient scheme and then extend it to an authenticated encryption.

This paper presents the Code-Book Authentication mode (CBA), a submission to the CAESAR competition for authenticated encryption. CBA is a blockcipher mode of encryption that provides confidentiality and authenticity for plaintexts and authenticity for associated data. The proposed mode improves the OCB mode in the sense that it saves up to one blockcipher call to encrypt and authenticate the p...

We propose two constructions of chosen-ciphertext secure identity-based encryption (IBE) schemes. Our schemes have a security proof in the standard model, yet they offer performance competitive with all known random-oracle based schemes. The efficiency improvement is obtained by combining modifications of the IBE schemes by Waters [41] and Gentry [23] with authenticated symmetric encryption.

Researchers have discovered that the authenticated encryption portion of the current SSH Transport Protocol is vulnerable to several attacks. This document describes new symmetric encryption methods for the Secure Shell (SSH) Transport Protocol and gives specific recommendations on how frequently SSH implementations should rekey.

Cryptology consists of two complementary fields of research. One is cryptography where the development of new schemes or algorithms are concerned with its security analysis. The other one is cryptanalysis where attacks for the cryptographic algorithms are being studied. Hash function, message authentication code (or MAC), encryption and authenticated encryption are widely used objects in crypto...

CCM is a conventional authenticated-encryption scheme obtained from a 128-bit block cipher. The mechanism has been adopted as the mandatory encryption algorithm in an IEEE 802.11 draft stan­ dard [15], and its use has been proposed more broadly [16, 17]. In this note we point out a number of limitations of CCM. A related note provides an alternative to CCM [5].

We describe a new method for authenticated encryption, which uses information from the internal state of the cipher to provide the authentication. This methodology has a number of benefits. The encryption has properties similar to CBC mode, yet the encipherment and authentication mechanisms can be parallelized and/or pipelined. The authentication overhead is minimal, so the computational cost o...

Authenticated encryption refers to a class of cryptographic schemes that simultaneously provide message confidentiality and message authenticity. It is an essential component of almost every cryptographic protocol that is used in practice. In this thesis we aim to narrow the gap that exists between authenticated encryption as used in practice, and authenticated encryption as studied in the fram...