Paper 2013/695

AEGIS: A Fast Authenticated Encryption Algorithm

Hongjun Wu and Bart Preneel

Abstract

This paper introduces a dedicated authenticated encryption algorithm AEGIS; AEGIS allows for the protection of associated data which makes it very suitable for protecting network packets. AEGIS-128L uses eight AES round functions to process a 32-byte message block (one step). AEGIS-128 uses five AES round functions to process a 16-byte message block (one step); AES-256 uses six AES round functions. The security analysis shows that these algorithms offer a high level of security. On the Intel Sandy Bridge Core i5 processor, the speed of AEGIS-128L, AEGIS-128 and AEGIS-256 is around 0.48, 0.66 and 0.7 clock cycles/byte (cpb) for 4096-byte messages, respectively. This is substantially faster than the AES CCM, GCM and OCB modes.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Major revision. Selected Areas in Cryptography -- SAC 2013
Keywords
Authenticated encryptionAEGISAES-NI
Contact author(s)
hongjunwu @ gmail com
History
2013-10-28: received
Short URL
https://ia.cr/2013/695
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2013/695,
      author = {Hongjun Wu and Bart Preneel},
      title = {{AEGIS}: A Fast Authenticated Encryption Algorithm},
      howpublished = {Cryptology {ePrint} Archive, Paper 2013/695},
      year = {2013},
      url = {https://eprint.iacr.org/2013/695}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.