Authenticated-encryption with associated-data
When a message is transformed into a ciphertext in a way designed to protect both its privacy and authenticity, there may be additional information, such as a packet header, that travels alongside the ciphertext (at least conceptually) and must get authenticated with it. We formalize and investigate...
Main Author: | |
---|---|
Other Authors: | |
Format: | Conference or Workshop Item |
Language: | English |
Published: | 2014 |
Online Access: | http://www.scopus.com/inward/record.url?eid=2-s2.0-0037673324&partnerID=40&md5=cef85c5fcab2474c35bec761bc02254b http://cmuir.cmu.ac.th/handle/6653943832/5183 |
Institution: | Chiang Mai University |
id |
th-cmuir.6653943832-5183 |
---|---|
record_format |
dspace |
spelling |
th-cmuir.6653943832-51832014-08-30T02:56:14Z Authenticated-encryption with associated-data Rogaway P. Atluri V. When a message is transformed into a ciphertext in a way designed to protect both its privacy and authenticity, there may be additional information, such as a packet header, that travels alongside the ciphertext (at least conceptually) and must get authenticated with it. We formalize and investigate this authenticated-encryption with associated-data (AEAD) problem. Though the problem has long been addressed in cryptographic practice, it was never provided a definition or even a name. We do this, and go on to look at efficient solutions for AEAD, both in general and for the authenticated-encryption scheme OCB. For the general setting we study two simple ways to turn an authenticated-encryption scheme that does not support associated-data into one that does: nonce stealing and ciphertext translation. For the case of OCB we construct an AEAD-scheme by combining OCB and the pseudorandom function PMAC, using the same key for both algorithms. We prove that, despite "interaction" between the two schemes when using a common key, the combination is sound. We also consider achieving AEAD by the generic composition of a nonce-based, privacy-only encryption scheme and a pseudorandom function. 2014-08-30T02:56:14Z 2014-08-30T02:56:14Z 2002 Conference Paper 61154 http://www.scopus.com/inward/record.url?eid=2-s2.0-0037673324&partnerID=40&md5=cef85c5fcab2474c35bec761bc02254b http://cmuir.cmu.ac.th/handle/6653943832/5183 English |
institution |
Chiang Mai University |
building |
Chiang Mai University Library |
country |
Thailand |
collection |
CMU Intellectual Repository |
language |
English |
description |
When a message is transformed into a ciphertext in a way designed to protect both its privacy and authenticity, there may be additional information, such as a packet header, that travels alongside the ciphertext (at least conceptually) and must get authenticated with it. We formalize and investigate this authenticated-encryption with associated-data (AEAD) problem. Though the problem has long been addressed in cryptographic practice, it was never provided a definition or even a name. We do this, and go on to look at efficient solutions for AEAD, both in general and for the authenticated-encryption scheme OCB. For the general setting we study two simple ways to turn an authenticated-encryption scheme that does not support associated-data into one that does: nonce stealing and ciphertext translation. For the case of OCB we construct an AEAD-scheme by combining OCB and the pseudorandom function PMAC, using the same key for both algorithms. We prove that, despite "interaction" between the two schemes when using a common key, the combination is sound. We also consider achieving AEAD by the generic composition of a nonce-based, privacy-only encryption scheme and a pseudorandom function. |
author2 |
Atluri V. |
author_facet |
Atluri V. Rogaway P. |
format |
Conference or Workshop Item |
author |
Rogaway P. |
title |
Authenticated-encryption with associated-data |
publishDate |
2014 |
url |
http://www.scopus.com/inward/record.url?eid=2-s2.0-0037673324&partnerID=40&md5=cef85c5fcab2474c35bec761bc02254b http://cmuir.cmu.ac.th/handle/6653943832/5183 |