Paper 2019/679

Forgery Attacks on FlexAE and FlexAEAD

Maria Eichlseder
Daniel Kales
Markus Schofnegger
Abstract

FlexAEAD is one of the round-1 candidates in the ongoing NIST Lightweight Cryptography standardization project. In this note, we show several forgery attacks on FlexAEAD with complexity less than the security bound given by the designers, such as a block reordering attack on full FlexAEAD-128 with estimated success probability about $2^{-54}$. Additionally, we show some trivial forgeries and point out domain separation issues.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Minor revision. IMACC 2019
DOI
10.1007/978-3-030-35199-1_10
Keywords
authenticated encryption, forgery attack, NIST LWC
Contact author(s)
maria eichlseder @ iaik tugraz at
daniel kales @ tugraz at
History
2024-06-07: revised
2019-06-11: received
Short URL
https://ia.cr/2019/679
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2019/679,
      author = {Maria Eichlseder and Daniel Kales and Markus Schofnegger},
      title = {Forgery Attacks on {FlexAE} and {FlexAEAD}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2019/679},
      year = {2019},
      doi = {10.1007/978-3-030-35199-1_10},
      url = {https://eprint.iacr.org/2019/679}
}