In recent years, cryptographers developed misuse resistant schemes for Authenticated Encryption. These guarantee excellent security even against general adversaries which are allowed to reuse nonces. Their disadvantage is that encryption can be performed in an off-line way, only. This paper introduces a new family of OAE schemes --called McOE -- dealing both with nonce-respecting and with general adversaries. Furthermore, we present two family members, i.e., McOE-X and McOE-G. They are based on a 'simple' block cipher. In contrast to every other OAE scheme known in literature, they provably guarantee reasonable security against general adversaries as well as standard security against nonce-respecting adversaries.
Category / Keywords: secret-key cryptography / authenticated encryption, online encryption, provable security, misuse resistant Original Publication (with minor differences): IACR-FSE-2012 Date: received 29 Nov 2011, last revised 13 Dec 2013 Contact author: christian forler at uni-weimar de Available format(s): PDF | BibTeX Citation Version: 20131213:153100 (All versions of this report) Short URL: ia.cr/2011/644 Discussion forum: Show discussion | Start new discussion