Introduction to finite fields and their applications
Introduction to finite fields and their applications
Authenticated-encryption with associated-data
Proceedings of the 9th ACM conference on Computer and communications security
A New Version of the Stream Cipher SNOW
SAC '02 Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography
UMAC: Fast and Secure Message Authentication
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Unforgeable Encryption and Chosen Ciphertext Secure Modes of Operation
FSE '00 Proceedings of the 7th International Workshop on Fast Software Encryption
Fast Encryption and Authentication: XCBC Encryption and XECB Authentication Modes
FSE '01 Revised Papers from the 8th International Workshop on Fast Software Encryption
Encryption Modes with Almost Free Message Integrity
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
OCB: A block-cipher mode of operation for efficient authenticated encryption
ACM Transactions on Information and System Security (TISSEC)
New AES Software Speed Records
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
Intel's New AES Instructions for Enhanced Performance and Security
Fast Software Encryption
HBS: A Single-Key Mode of Operation for Deterministic Authenticated Encryption
Fast Software Encryption
Faster and Timing-Attack Resistant AES-GCM
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
BTM: A Single-Key, Inverse-Cipher-Free Mode for Deterministic Authenticated Encryption
Selected Areas in Cryptography
Message authentication on 64-bit architectures
SAC'06 Proceedings of the 13th international conference on Selected areas in cryptography
Authenticated encryption mode for beyond the birthday bound security
AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology
The Poly1305-AES message-authentication code
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Two-pass authenticated encryption faster than generic composition
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
New blockcipher modes of operation with beyond the birthday bound security
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
The security and performance of the galois/counter mode (GCM) of operation
INDOCRYPT'04 Proceedings of the 5th international conference on Cryptology in India
A provable-security treatment of the key-wrap problem
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
SP 800-38C. Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality
A General Construction of Tweakable Block Ciphers and Different Modes of Operations
IEEE Transactions on Information Theory
Efficient Linear Feedback Shift Registers with Maximal Period
Finite Fields and Their Applications
Mosh: an interactive remote shell for mobile clients
USENIX ATC'12 Proceedings of the 2012 USENIX conference on Annual Technical Conference
Length-doubling ciphers and tweakable ciphers
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
High speed implementation of authenticated encryption for the MSP430X microcontroller
LATINCRYPT'12 Proceedings of the 2nd international conference on Cryptology and Information Security in Latin America
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
Hi-index | 0.00 |
We study software performance of authenticated-encryption modes CCM, GCM, and OCB. Across a variety of platforms, we find OCB to be substantially faster than either alternative. For example, on an Intel i5 ("Clarkdale") processor, good implementations of CCM, GCM, and OCB encrypt at around 4.2 cpb, 3.7 cpb, and 1.5 cpb, while CTR mode requires about 1.3 cpb. Still we find room for algorithmic improvements to OCB, showing how to trim one blockcipher call (most of the time, assuming a counter-based nonce) and reduce latency. Our findings contrast with those of McGrew and Viega (2004), who claimed similar performance for GCM and OCB.