Cryptology ePrint Archive: Report 2019/888

Weak Keys in the Rekeying Paradigm: Attacks on COMET-128 and mixFeed

Mustafa Khairallah

Abstract: In this article, we analyze two of the NIST Round 1 Candidates for the Lightweight Cryptography Standardization Process: COMET and mixFeed. We show how AEAD modes that are based on rekeying can be modelled as modes without rekeying in the multi-key setting, where every nonce is treated as a different user. Then we show that the security degradation due to weak keys in the multi-key setting will affect these modes in the single-key setting. We show how the weak key analysis of both these modes may be applied.

Category / Keywords: secret-key cryptography / weak keys, authenticated encryption, comet, mixfeed, nist, forgery, aead

Date: received 1 Aug 2019, last revised 2 Aug 2019

Contact author: mustafam001 at e ntu edu sg


Version: 20190805:221810

Short URL: ia.cr/2019/888

