Paper 2024/1339
Comprehensive Robustness Analysis of GCM, CCM, and OCB3
Abstract
Clarifying the robustness of authenticated encryption (AE) schemes, such as security under nonce misuse or Release of Unverified Plaintext (RUP), is critically important due to the extensive use of AEs in real-world applications. We present a comprehensive analysis of the robustness of well-known standards, namely GCM, CCM, and OCB3. Despite many existing studies, we uncovered several robustness properties for them that were not known in the literature. In particular, we show that both GCM and CCM maintain authenticity under RUP. Moreover, CCM keeps this feature even if a nonce is misused. Together with existing analysis, our work gives a complete picture of the robustness of these standards for the first time. Our results also imply several new robust AE schemes based on GCM and CCM.
Metadata
- Category: Secret-key cryptography
- Publication info: Preprint.
- Keywords: Authenticated encryption, Robustness, GCM, CCM, OCB3
- Contact author(s):
  - a_inoue @ nec com
  - tetsu iwata @ nagoya-u jp
  - k-minematsu @ nec com
- History:
  - 2024-08-30: approved
  - 2024-08-27: received
- Short URL: https://ia.cr/2024/1339
- License: CC BY
BibTeX
@misc{cryptoeprint:2024/1339,
      author = {Akiko Inoue and Tetsu Iwata and Kazuhiko Minematsu},
      title = {Comprehensive Robustness Analysis of {GCM}, {CCM}, and {OCB3}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1339},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1339}
}