Paper 2019/679
Forgery Attacks on FlexAE and FlexAEAD
Abstract
FlexAEAD is one of the round-1 candidates in the ongoing NIST Lightweight Cryptography standardization project. In this note, we show several forgery attacks on FlexAEAD with complexity less than the security bound given by the designers, such as a block reordering attack on full FlexAEAD-128 with estimated success probability about $2^{-54}$. Additionally, we show some trivial forgeries and point out domain separation issues.
Metadata
- Available format(s)
-
PDF
- Publication info
- Published elsewhere. Minor revision. IMACC 2019
- DOI
- 10.1007/978-3-030-35199-1_10
- Keywords
- authenticated encryptionforgery attackNIST LWC
- Contact author(s)
-
maria eichlseder @ iaik tugraz at
daniel kales @ tugraz at - History
- 2024-06-07: revised
- 2019-06-11: received
- See all versions
- Short URL
- https://ia.cr/2019/679
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2019/679,
author = {Maria Eichlseder and Daniel Kales and Markus Schofnegger},
title = {Forgery Attacks on {FlexAE} and {FlexAEAD}},
howpublished = {Cryptology ePrint Archive, Paper 2019/679},
year = {2019},
doi = {10.1007/978-3-030-35199-1_10},
note = {\url{https://eprint.iacr.org/2019/679}},
url = {https://eprint.iacr.org/2019/679}
}
