Cryptology ePrint Archive: Report 2003/070
A Critique of CCM
P. Rogaway and D. Wagner
Abstract: CCM is a conventional authenticated-encryption scheme obtained from a
128-bit block cipher. The mechanism has been adopted as the mandatory
encryption algorithm in an IEEE 802.11 draft standard [15], and its use
has been proposed more broadly [16,17]. In this note we point out a
number of limitations of CCM. A related note provides an alternative
to CCM [5].
Category / Keywords: secret-key cryptography / modes of operation, provable security
Date: received 13 Apr 2003
Contact author: daw at cs berkeley edu
Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation
Version: 20030415:151144 (All versions of this report)
Short URL: ia.cr/2003/070
[ Cryptology ePrint archive ]