You are looking at a specific version 20190603:071253 of this paper.
Paper 2019/624
Nonces are Noticed: AEAD Revisited
Mihir Bellare and Ruth Ng and Björn Tackmann
Abstract
We draw attention to a gap between theory and usage of nonce-based symmetric encryption, under which the way the former treats nonces can result in violation of privacy in the latter. We bridge the gap with a new treatment of nonce-based symmetric encryption that modifies the syntax (decryption no longer takes a nonce), upgrades the security goal (asking that not just messages, but also nonces, be hidden) and gives simple, efficient schemes conforming to the new definitions. We investigate both basic security (holding when nonces are not reused) and advanced security (misuse resistance, providing best-possible guarantees when nonces are reused).
Metadata
- Category: Secret-key cryptography
- Publication info: A major revision of an IACR publication in CRYPTO 2019
- Keywords: Nonce, Authenticated Encryption, Symmetric Encryption, GCM
- Contact author(s): mihir @ eng ucsd edu, ring @ eng ucsd edu, bta @ zurich ibm com
- History:
  - 2019-11-12: revised
  - 2019-06-03: received
- Short URL: https://ia.cr/2019/624
- License: CC BY