On-Line Authenticated Encryption (OAE) combines privacy with data integrity and is on-line computable. Most block cipher-based schemes for Authenticated Encryption can be run on-line and are provably secure against nonce-respecting adversaries, but they fail badly against more general adversaries. This is not only a theoretical observation: in practice, the reuse of nonces is a frequent issue. In recent years, cryptographers have developed misuse-resistant schemes for Authenticated Encryption. These guarantee excellent security even against general adversaries, which are allowed to reuse nonces. Their disadvantage is that encryption can only be performed off-line. This paper considers OAE schemes that deal with both nonce-respecting and general adversaries. It introduces McOE, an efficient design for OAE schemes. We present in detail one of the family members, McOEx, a design based solely on a standard block cipher. Like all other members of the McOE family, it provably guarantees reasonable security against general adversaries as well as standard security against nonce-respecting adversaries.