Practical Forgeries and Distinguishers against PAES

Practical Forgeries and Distinguishers against PAES

We present two practical attacks on the CAESAR candidate PAES. The first attack is a universal forgery for any plaintext with at least 240 bytes. It works for the nonce-repeating variant of PAES and in a nutshell it is a state recovery based on solving differential equations for the S-Box leaked thr...

Full description

Saved in:
Bibliographic Details
Main Authors: Jean, Jérémy, Nikolic, Ivica, Sasaki, Yu, Wang, Lei
Other Authors: School of Physical and Mathematical Sciences
Format: Article
Language:English
Published: 2016
Subjects:
PAES
Universal forgery
Distinguisher
Symmetric property
Authenticated encryption
Online Access:https://hdl.handle.net/10356/82018
http://hdl.handle.net/10220/39784
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English

Internet

https://hdl.handle.net/10356/82018
http://hdl.handle.net/10220/39784

Similar Items