搜索结果: 1-15 共查到“密码学 Nonce”相关记录21条 . 查询时间(0.078 秒)
CCM-SIV: Single-PRF Nonce-Misuse-Resistant Authenticated Encryption
AEAD AES-GCM AES-GCM-SIV
2019/8/6
We propose a new nonce-misuse-resistant authenticated encryption scheme, which instantiates the SIV paradigm of Rogaway and Shrimpton. In contrast to the GCM-SIV approach proposed by Gueron and Lindel...
On Misuse of Nonce-Misuse Resistance: Adapting Differential Fault Attacks on (few) CAESAR Winners
Fault Attacks DFA SPNs
2019/5/31
In this paper, we study DFA attacks on some of the CAESAR competition winners. We study the challenges imposed by the design of these modes, such as masking of the ciphertext. We also show that a very...
mixFeed [CN19] is a round 1 candidate for the NIST Lightweight Cryptography Standardization Project. It is a single-pass, nonce-based, AES-based authenticated encryption algorithms. The authors claim ...
Beyond Birthday Bound Secure MAC in Faulty Nonce Model
Graceful Security Faulty Nonce Mirror Theory
2019/2/27
Encrypt-then-MAC (EtM) is a popular mode for authenticated encryption (AE). Unfortunately, almost all designs following the EtM paradigm, including the AE suites for TLS, are vulnerable against nonce ...
Biased Nonce Sense: Lattice Attacks against Weak ECDSA Signatures in Cryptocurrencies
Hidden number problem ECDSA Lattices
2019/1/10
In this paper, we compute hundreds of Bitcoin private keys and dozens of Ethereum, Ripple, SSH, and HTTPS private keys by carrying out cryptanalytic attacks against digital signatures contained in pub...
Fault Attacks on Nonce-based Authenticated Encryption: Application to Keyak and Ketje
Fault Attack Statistical Ineffective Fault Attack SIFA
2018/11/15
In the context of fault attacks on nonce-based authenticated encryption, an attacker faces two restrictions. The first is the uniqueness of the nonce for each new encryption that prevents the attacker...
The Multi-user Security of GCM, Revisited: Tight Bounds for Nonce Randomization
cryptographic protocols Nonce Randomization
2018/11/5
Multi-user (mu) security considers large-scale attackers (e.g., state actors) that given access to a number of sessions, attempt to compromise {\em at least} one of them. Mu security of authenticated ...
Encrypt or Decrypt? To Make a Single-Key Beyond Birthday Secure Nonce-Based MAC
EDMEDM EWCDMEWCDM Mirror Theory
2018/5/28
Hedged Nonce-Based Public-Key Encryption: Adaptive Security under Randomness Failures
hedged security nonce-based public-key encryption deterministic public-key encryption
2018/1/11
Nowadays it is well known that randomness may fail due to bugs or deliberate randomness subversion. As a result, the security of traditional public-key encryption (PKE) cannot be guaranteed any more. ...
Security Proof of JAMBU under Nonce Respecting and Nonce Misuse Cases
JAMBU CAESAR Competition Provable Security
2017/9/1
JAMBU is an AEAD mode of operation which entered the third round of CAESAR competition. However, it does not have a security proof like other modes of operation do, and there was a cryptanalysis resul...
Better Bounds for Block Cipher Modes of Operation via Nonce-Based Key Derivation
modes of operation key derivation nonce-misuse resistance
2017/7/24
Block cipher modes of operation provide a way to securely encrypt using a block cipher. The main factors in analyzing modes of operation are the level of security achieved (chosen-plaintext security, ...
EHE: nonce misuse-resistant message authentication
message authentication authenticated encryption polynomial hashing
2017/3/9
We propose a nonce misuse-resistant message authentication scheme called EHE (Encrypt-Hash-Encrypt). In EHE, a message-dependent polynomial is evaluated at the point which is an encrypted nonce. The r...
EnCounter: On Breaking the Nonce Barrier in Differential Fault Analysis with a Case-Study on PAEQ
fault analysis authenticated encryption PAEQ
2016/6/20
This work exploits internal differentials within a cipher in the context of Differential Fault Analysis (DFA). This in turn overcomes the nonce barrier which acts as a natural counter-measure against ...
EWCDM: An Efficient, Beyond-Birthday Secure, Nonce-Misuse Resistant MAC
Wegman-Carter MAC Davies-Meyer construction nonce-misuse resistance
2016/5/30
We propose a nonce-based MAC construction called EWCDM (Encrypted Wegman-Carter with Davies-Meyer), based on an almost xor-universal hash function and a block cipher, with the following properties: (i...
We investigate nonce reuse issues with the GCM block cipher mode as used in TLS and focus in particular on AES-GCM, the most widely deployed variant. With an Internet-wide scan we identified 184 HTTPS...