Cryptology ePrint Archive: Report 2017/231

EHE: nonce misuse-resistant message authentication

Sergey Agievich

Abstract: We propose a nonce misuse-resistant message authentication scheme called EHE (Encrypt-Hash-Encrypt). In EHE, a message-dependent polynomial is evaluated at the point which is an encrypted nonce. The resulting polynomial hash value is encrypted again and becomes an authentication tag. We prove the prf-security of the EHE scheme and extend it to two authenticated encryption modes which follow the "encrypt-then-authenticate" paradigm.

Category / Keywords: secret-key cryptography / message authentication, authenticated encryption, polynomial hashing, prf-security

Date: received 7 Mar 2017

Contact author: agievich at bsu by

Available format(s): PDF | BibTeX Citation

Version: 20170308:132228 (All versions of this report)

Short URL: ia.cr/2017/231

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]