The TAE (tweakable authenticated encryption) mode is an authenticated encryption mode which is based on a tweakable block cipher. Previous research results show that the secure tweakable block cipher is not sufficient for the security of the authenticated encryption TAE mode. Only when the tweakable block cipher is strong will the TAE be secure. Some improvements to the TAE mode are also given ...

This paper presents an efficient authenticated encryption construction based on a universal hash function and block cipher. Encryption is achieved via counter-mode while authentication uses the Wegman-Carter paradigm. A single block-cipher key is used for both operations. The construction is instantiated using the hash functions of UMAC and VMAC, resulting in authenticated encryption with peak ...

This paper is primarily concerned with the CBC block cipher mode. The impact on the usability of this mode of recently proposed padding oracle attacks, together with other related attacks described in this paper, is considered. For applications where unauthenticated encryption is required, the use of CBC mode is compared with its major symmetric rival, namely the stream cipher. It is argued tha...

In this paper, we propose a lightweight authenticated encryption mode JAMBU. It only needs n-bit extra register for a block cipher with 2n-bit block size. It achieves n-bit authentication security when 2 bits are processed under a single key. When nonce (IV) is reused, the encryption security is similar to that of the CFB mode while the message authentication maintains strong security. We insta...

We present a new, misuse-resistant scheme for online authenticated encryption, following the framework set forth by Fleischmann et al. (FSE 2012). Our scheme, COBRA, is roughly as efficient as the GCM mode of operation for nonce-based authenticated encryption, performing one block cipher call plus one finite field multiplication per message block in a parallelizable way. The major difference fr...

A (t,n) threshold authenticated encryption scheme allows more than t signers to generate an authenticated cipher-text for a message and only the designated verifier can verify the message. Recently, Chung et al. [1] proposed a (t, n) threshold authenticated encryption scheme by applying a division-of-labor signature technique. However, we showed that the scheme has a design flaw. Then, we propo...

In today’s world of big data and rapidly increasing telecommunications, using secure cryptographic primitives that are parallelizable and incremental is becoming ever more important design goal. π-Cipher is parallel, incremental, nonce based authenticated encryption cipher with associated data. It is designed with the special purpose of providing confidentiality and integrity for big data in tr...