Forging Attacks on Two Authenticated Encryption Schemes COBRA and POET

Nandi, Mridul

doi:10.1007/978-3-662-45611-8_7

Cited by 8 publications

(5 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A prime example of where the security argument of an intricate AEAD scheme turned out to be fatally flawed, and this went unnoticed for a rather long period of time, is given by the recent results on OCB2 that completely broke the scheme [IIMP19]. There are several similar cases to report on, including the flawed EAX' scheme [MLMI14], a flawed argument in the security proof of GCM [IOM12], and flaws in some of the CAESAR submissions [Nan14,BS16,SMAP16].…”

Section: Motivation For Aead Combinersmentioning

confidence: 99%

Combiners for AEAD

Poettering¹,

Rösler²

2020

ToSC

View full text Add to dashboard Cite

The Authenticated Encryption with Associated Data (AEAD) primitive, which integrates confidentiality and integrity services under a single roof, found wide-spread adoption in industry and became indispensable in practical protocol design. Recognizing this, academic research put forward a large number of candidate constructions, many of which come with provable security guarantees. Nevertheless, the recent past has shaken up with the discovery of vulnerabilities, some of them fatal, in well-regarded schemes, stemming from weak underlying primitives, flawed security arguments, implementation-level vulnerabilities, and so on. Simply reacting to such findings by replacing broken candidates by better(?) ones is in many cases unduly, costly, and sometimes just impossible. On the other hand, as attack techniques and opportunities change over time, it seems venturous to propose any specific scheme if the intended lifetime of its application is, say, twenty years.In this work we study a workable approach towards increasing the resilience against unforeseen breaks of AEAD primitives. Precisely, we consider the ability to combine two AEAD schemes into one such that the resulting AEAD scheme is secure as long as at least one of its components is (or: as long as at most one component is broken). We propose a series of such combiners, some of which work with fully generic AEAD components while others assume specific internal structures of the latter (like an encrypt-then-MAC design). We complement our results by proving the optimality of our constructions by showing the impossibility of combiners that get along with less invocations of the component algorithms.

show abstract

Section: Motivation For Aead Combinersmentioning

confidence: 99%

Combiners for AEAD

Poettering¹,

Rösler²

2020

ToSC

View full text Add to dashboard Cite

show abstract

“…For example, R. Ankele in his Ph.D. thesis [2] analyses the COPA authenticated encryption composition scheme used in several CAESAR candidates. M. Nandi in his 2014 paper [13] demonstrates a forging attack on COBRA and POET ciphers.…”

Section: Related Researchmentioning

confidence: 99%

Avalanche Effect in Improperly Initialized CAESAR Candidates

Ukrop¹,

Švenda²

2016

Electron. Proc. Theor. Comput. Sci.

View full text Add to dashboard Cite

Cryptoprimitives rely on thorough theoretical background, but often lack basic usability features making them prone to unintentional misuse by developers. We argue that this is true even for the state-of-the-art designs. Analyzing 52 candidates of the current CAESAR competition has shown none of them have an avalanche effect in authentication tag strong enough to work properly when partially misconfigured. Although not directly decreasing their security profile, this hints at their security usability being less than perfect. Paper details available at crcs.cz/papers/memics2016Comment: In Proceedings MEMICS 2016, arXiv:1612.0403

show abstract

“…Since then, many authentication encryption schemes have been proposed, such as ALE, FIDES, and AEZ [36][37][38][39][40][41][42]. However, no one has yet completely mastered all the security issues in this emerging field, and a number of security problems [43][44][45][46] have emerged. Research on authentication encryption is likely to become one of the most popular research directions in the coming years.…”

Section: Cryptographic Algorithmsmentioning

confidence: 99%

Survey on cyberspace security

Zhang

Han²,

Lai

et al. 2015

Sci. China Inf. Sci.

View full text Add to dashboard Cite

Along with the rapid development and wide application of information technology, human society has entered the information era. In this era, people live and work in cyberspace. Cyberspace is the collection of all information systems; it is the information environment for human survival. Therefore, it is necessary to ensure the security of cyberspace. This paper gives a comprehensive introduction to research and development in this field, with a description of existing problems and some currently active research topics in the areas of cyberspace itself, cyberspace security, cryptography, network security, information system security and information content security.

show abstract

Forging Attacks on Two Authenticated Encryption Schemes COBRA and POET

Cited by 8 publications

References 21 publications

Combiners for AEAD

Combiners for AEAD

Avalanche Effect in Improperly Initialized CAESAR Candidates

Survey on cyberspace security

Contact Info

Product

Resources

About