You are looking at a specific version 20190510:122051 of this paper.

Paper 2019/457

Forgery Attack on mixFeed in the Nonce-Misuse Scenario

Mustafa Khairallah

Abstract

mixFeed [CN19] is a round 1 candidate for the NIST Lightweight Cryptography Standardization Project. It is a single-pass, nonce-based, AES-based authenticated encryption algorithm. The authors claim that, while there are no confidentiality guarantees in case of nonce misuse (nonce repetition), integrity security still holds up to 2^32 data complexity. In this report, we show that this claim does not hold when the plaintext length is non-zero (≥ 16 bytes, to be exact). We present a forgery attack that requires only two encryption queries with the same nonce and 34 bytes of data.

Metadata

Available format(s): PDF
Category: Secret-key cryptography
Publication info: Preprint. MINOR revision.
Keywords: AEAD, forgery, mixFeed, Nonce Misuse, collision
Contact author(s): mustafam001 @ e ntu edu sg
History: 2019-05-10: received
Short URL: https://ia.cr/2019/457
License: Creative Commons Attribution (CC BY)