Authenticated encryption schemes establish both privacy and authenticity. This paper specifies a family of the dedicated authenticated encryption schemes, Artemia. It is an online nonce-based authenticated encryption scheme which supports the associated data. Artemia uses the permutation based mode, JHAE, that is provably secure in the ideal permutation model. The scheme does not require the in...

A (t,n) threshold authenticated encryption scheme allows more than t signers to generate an authenticated cipher-text for a message and only the designated verifier can verify the message. Recently, Chung et al. [1] proposed a (t, n) threshold authenticated encryption scheme by applying a division-of-labor signature technique. However, we showed that the scheme has a design flaw. Then, we propo...

An authenticated encryption allows the designated recipient to verify the authenticity while recovering the message. To protect the recipient’s benefit in case of a later dispute, a convertible authenticated encryption scheme allows the recipient to convert the authenticated encryption into an ordinary signature so that it becomes a publicly verifiable. This paper shows a universal forgery atta...

The authenticated encryption scheme allows one signer to generate an authenticated cipher-text so that no one except the designated verifier can recover the message and verify the message. In a (t, n) threshold authenticated encryption scheme, any t or more signers can generate an authenticated encryption for a message and send it to the designated verifier. Compared with the conventional encry...

The TAE (tweakable authenticated encryption) mode is an authenticated encryption mode which is based on a tweakable block cipher. Previous research results show that the secure tweakable block cipher is not sufficient for the security of the authenticated encryption TAE mode. Only when the tweakable block cipher is strong will the TAE be secure. Some improvements to the TAE mode are also given ...

An authenticated encryption allows the specific recipient to verify the authenticity while recovering the message. To protect the recipient’s interest in case of a later dispute, a convertible authenticated encryption scheme allows the specific recipient to retrieve an authenticated cipher text and convert the authenticated ciphertext into an ordinary signature so that it becomes publicly verif...

Homomorphic authenticated encryption allows implicit computation on plaintexts using corresponding ciphertexts without losing privacy, and provides authenticity of the resultant plaintext when performing a decryption. However, due to its special functionality, security notions homomorphic is somewhat complicated construction fully has never been given. In this work, we propose new notion first ...

Real-world applications of authenticated encryption often require the encryption to be computable online, e.g. to compute the ith block of ciphertext after having processed the first i blocks of plaintext. A significant line of research was dedicated to identifying security notions for online authenticated encryption schemes, that capture various security goals related to real-life scenarios. F...

By combining the two notations of ring signature and authenticated encryption together, we introduce a new type of authenticated encryption signature, called ring authenticated encryption, which has the following properties: signer-ambiguity, signer-verifiability, recipient-designation, semantic-security, verification-convertibility, verification-dependence and recipient-ambiguity. We also give...