Cryptology ePrint Archive: Report 2019/679

Forgery Attacks on FlexAE and FlexAEAD

Maria Eichlseder and Daniel Kales and Markus Schofnegger

Abstract: FlexAEAD is one of the round-1 candidates in the ongoing NIST Lightweight Cryptography standardization project. In this note, we show several forgery attacks on FlexAEAD with complexity less than the security bound given by the designers, such as a block reordering attack on full FlexAEAD-128 with estimated success probability about $2^{-54}$. Additionally, we show some trivial forgeries and point out domain separation issues.

Category / Keywords: authenticated encryption, forgery attack, NIST LWC

Date: received 7 Jun 2019

Contact author: daniel kales at tugraz at

Available format(s): PDF | BibTeX Citation

Version: 20190611:082137 (All versions of this report)

Short URL: ia.cr/2019/679


[ Cryptology ePrint archive ]