International Association for Cryptologic Research


IACR News item: 24 July 2015

Kazuhiko Minematsu
ePrint Report
The standard form of authenticated encryption (AE) requires the ciphertext to be expanded by the nonce and the authentication tag. These expansions can be problematic when messages are relatively short and communication cost is high. This paper studies a form of AE scheme whose ciphertext is expanded only by the nonce, with the help of a stateful receiver, which also enables detection of replays. While there is a scheme with this feature, called AERO, proposed by McGrew and Foley, there is no formal treatment of it based on the provable security framework. We propose a provable security framework for such AE schemes, which we call MiniAE, and show several secure schemes using standard symmetric crypto primitives. Most notably, one of our schemes has a structure similar to the OCB mode of operation and uses only one blockcipher call to process one input block, so its computation cost is comparable to that of nonce-based encryption-only schemes.
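The stateful receiver mentioned in the abstract needs, at minimum, state that lets it reject replayed messages. As an added illustration (not code from the paper, from MiniAE, or from AERO), the following Python sketches one standard way to keep that state when the nonce is a message counter: an IPsec-style sliding window recording the highest counter accepted and a bitmap of recently accepted counters. It models only the replay-tracking component; the encryption and integrity mechanism of the schemes is not modelled, and the check-then-accept contract assumes the message has already been verified before `accept` is called.

```python
# Added illustration (not code from the paper): receiver-side replay state for a
# counter-valued nonce, in the style of the IPsec anti-replay window.
# Assumptions: the sender uses a monotonically increasing counter as the nonce,
# and the caller only calls accept() after the message has passed verification.


class ReplayWindow:
    """Sliding-window replay detector for counter-valued nonces."""

    def __init__(self, size=64):
        if size < 1:
            raise ValueError("window size must be positive")
        self.size = size
        self.highest = -1   # highest counter accepted so far; -1 means none yet
        self.bitmap = 0     # bit i is set iff counter (highest - i) was accepted

    def check(self, counter):
        """Return True if counter is fresh: never accepted and not older than the window."""
        if counter < 0:
            return False
        if counter > self.highest:
            return True                      # ahead of everything seen so far
        if self.highest - counter >= self.size:
            return False                     # too old to track: treat as a replay
        return not (self.bitmap >> (self.highest - counter)) & 1

    def accept(self, counter):
        """Record counter as seen. Call only after check() returned True and the
        message was verified; advancing the window on unverified input would let
        a forger push valid, in-flight messages out of the window."""
        if counter > self.highest:
            shift = counter - self.highest
            if shift >= self.size:
                self.bitmap = 1              # everything previously tracked is now too old
            else:
                mask = (1 << self.size) - 1
                self.bitmap = ((self.bitmap << shift) | 1) & mask
            self.highest = counter
        else:
            self.bitmap |= 1 << (self.highest - counter)


def filter_replays(nonces, window_size=64):
    """Run a sequence of received counter nonces through one receiver state and
    return, in order, the nonces the receiver would accept as fresh."""
    win = ReplayWindow(window_size)
    accepted = []
    for n in nonces:
        if win.check(n):
            win.accept(n)
            accepted.append(n)
    return accepted


if __name__ == "__main__":
    # Constructed sample: in-order, reordered, replayed, and far-ahead counters.
    sample = [0, 1, 1, 3, 2, 0, 3, 70, 5]
    print(filter_replays(sample))   # [0, 1, 3, 2, 70]
```

The window tolerates reordering within its width (counter 2 arriving after 3 is accepted) while rejecting exact replays and anything that has fallen behind the window, which is why a nonce-only-expansion scheme can drop the per-message tag only if this receiver state is kept reliably.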

