Paper 2014/297

Pipelineable On-Line Encryption

Farzaneh Abed, Scott Fluhrer, Christian Forler, Eik List, Stefan Lucks, David McGrew, and Jakob Wenzel


Correct authenticated decryption requires the receiver to buffer the decrypted message until the authenticity check has been performed. In high-speed networks, which must handle large message frames at low latency, this behavior becomes practically infeasible. This paper proposes CCA-secure on-line ciphers as a practical alternative to AE schemes since the former provide some defense against malicious message modifications. Unfortunately, all published on-line ciphers so far are either inherently sequential, or lack a CCA-security proof. This paper introduces POE, a family of on-line ciphers that combines provable security against chosen-ciphertext attacks with pipelineability to support efficient implementations. POE combines a block cipher and an e-AXU family of hash functions. Different instantiations of POE are given, based on different universal hash functions and suitable for different platforms. Moreover, this paper introduces POET, a provably secure on-line AE scheme, which inherits pipelineability and chosen-ciphertext-security from POE and provides additional resistance against nonce-misuse attacks.

Available format(s)
Secret-key cryptography
Publication info
A minor revision of an IACR publication in FSE 2014
on-line cipherchosen-ciphertext securityauthenticated encryption
Contact author(s)
eik list @ uni-weimar de
2014-04-30: revised
2014-04-30: received
See all versions
Short URL
Creative Commons Attribution


      author = {Farzaneh Abed and Scott Fluhrer and Christian Forler and Eik List and Stefan Lucks and David McGrew and Jakob Wenzel},
      title = {Pipelineable On-Line Encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2014/297},
      year = {2014},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.