In recent years, cryptographers developed misuse resistant schemes for Authenticated Encryption. These guarantee excellent security even against general adversaries which are allowed to reuse nonces. Their disadvantage is that encryption can be performed in an off-line way, only. This paper introduces a new family of OAE schemes --called McOE -- dealing both with nonce-respecting and with general adversaries. Furthermore, we present two family members, i.e., McOE-X and McOE-G. They are based on a 'simple' block cipher. In contrast to every other OAE scheme known in literature, they provably guarantee reasonable security against general adversaries as well as standard security against nonce-respecting adversaries.
Category / Keywords: secret-key cryptography / authenticated encryption, online encryption, provable security, misuse resistant Publication Info: An abridged version of this paper appears in the Proceedings of FSE'12. This is the full version. Date: received 29 Nov 2011, last revised 31 Oct 2012 Contact author: christian forler at uni-weimar de Available formats: PDF | BibTeX Citation Version: 20121031:093124 (All versions of this report) Discussion forum: Show discussion | Start new discussion