Cryptology ePrint Archive: Report 2022/268
Efficient Schemes for Committing Authenticated Encryption
Mihir Bellare and Viet Tung Hoang
Abstract: This paper provides efficient authenticated-encryption (AE) schemes in which a ciphertext is a commitment to the key. These are extended, at minimal additional cost, to schemes where the ciphertext is a commitment to all encryption inputs, meaning key, nonce, associated data and message. Our primary schemes are modifications of GCM (for basic, unique-nonce AE security) and AES-GCM-SIV (for misuse-resistant AE security) and add both forms of commitment without any increase in ciphertext size. We also give more generic, but somewhat more costly, solutions.
Category / Keywords: secret-key cryptography / Symmetric Encryption, Authenticated Encryption, GCM, PRF, Hash Function, commitment
Original Publication (with major differences): IACR-EUROCRYPT-2022
Date: received 28 Feb 2022, last revised 11 May 2022
Contact author: mihir at eng ucsd edu, tvhoang at cs fsu edu
Available format(s): PDF | BibTeX Citation
Version: 20220511:143540 (All versions of this report)
Short URL: ia.cr/2022/268
[ Cryptology ePrint archive ]