An authenticated encryption scheme provides a mechanism of signing and encrypting simultaneously, and furthermore, the receiver can verify and decrypt the signature at the same time. Tseng et al. proposed two efficiently authenticated encryption schemes which can check the validity of the sent data before message recovery, but in fact their schemes cannot achieve completely the function. In thi...

In this document we present an introductory overview of the algorithms and design components underlying the Keccac cryptographic primitive and the Keyak encryption scheme for authenticated (session-supporting) encryption. This document aims to familiarize readers with the basic principles of authenticated encryption, the Sponge and Duplex constructions (full-state, keyed as well as regular vers...

A convertible authenticated encryption scheme allows the signer to create a valid authenticated ciphertext such that only the specified receiver can simultaneously recover and verify the message. To protect the receiver’s benefit of a later dispute on repudiation, the receiver has the ability to convert the signature into an ordinary one that can be verified by anyone. However, the previous pro...

This paper demonstrates operation of the authenticated encryption mode in VEST ciphers. All VEST ciphers operating in the authenticated encryption mode with infinite error propagation provide keyed message authentication at the same speed as their keystream generation, with negligible overhead and maintaining their security ratings.

Authenticated encryption schemes allow the signer to generate an authenticated ciphertext such that only the designated recipient has the ability to recover the message and verify its corresponding signature. It can be seen that authenticated encryption schemes are applicable to lots of E-Commerce applications like credit card transactions, since these schemes simultaneously fulfill the securit...

We show several concrete attacks on an authenticated encryption scheme PAE which appeared in IEEE Transactions on Information Theory, Vol. 56, no. 8, pp. 4025–4037. Additionally we show some flaws and oversights in the analysis (presented in the same paper) used to prove PAE to be a secure authenticated encryption scheme.

In 1997, two new schemes for authenticated encryption, called signcryption, have been proposed by Zheng. In this paper we point out a serious problem with these schemes. In fact, the way to gain nonrepudiation violates the confidentiality. Moreover, we compare the schemes to previously known authenticated encryption schemes, which were not mentioned by Zheng. Finally we outline a solution that ...

In this article, we shall adopt the concepts of elliptic curve cryptosystems and self-certified public keys to build a novel digital signature scheme with message recovery. The public key and the identity of the user can be authenticated simultaneously in recovering the message. In addition, we shall also present three extended digital signature schemes based on the proposed scheme. The first i...

A convertible authenticated encryption scheme allows a designated receiver to recover and verify a message simultaneously, during which the recipient can prove the dishonesty of the sender to any third party if the sender repudiates her signature later. In this paper, after showing some weaknesses in Wu et al.’s [21] and Huang et al ’s [10] convertible authenticated encryption schemes, we propo...

We propose a security model for evaluating the security of authenticated encryption schemes in the post-quantum setting. Our security model is based on a combination of the classical Bellare-Namprempre security model for authenticated encryption together with modifications from Boneh and Zhandry to handle message authentication against quantum adversaries. We give a generic construction based o...