CryptoDB
Fast Decryption: a New Feature of Misuse-Resistant AE
Authors: | Kazuhiko Minematsu |
---|---|
Abstract: | Misuse-resistant AE (MRAE) is a class of authenticated encryption (AE) that has a resistance against a potential misuse (repeat) of nonce. MRAE has received significant attention from the initial proposal by Rogaway and Shrimpton. They showed a generic MRAE construction called SIV. SIV becomes a de-facto scheme for MRAE, however, one notable drawback is its two-pass operation for both encryption and decryption. This implies that MRAE built on SIV is slower than the integrated nonce-based AE schemes, such as OCB. In this paper, we propose a new method to improve this situation. Particularly, our MRAE proposal (decryption-fast SIV or DFV) allows to decrypt as fast as a plain decryption, hence theoretically doubles its speed from the original SIV, while keeping the encryption speed equivalent to SIV. We present several generic compositions for DFV and their instantiations. |
Video from TOSC 2020
BibTeX
@article{tosc-2020-30565,
  title={Fast Decryption: a New Feature of Misuse-Resistant AE},
  journal={IACR Transactions on Symmetric Cryptology},
  publisher={Ruhr-Universität Bochum},
  volume={2020, Issue 3},
  pages={87-118},
  url={https://tosc.iacr.org/index.php/ToSC/article/view/8697},
  doi={10.13154/tosc.v2020.i3.87-118},
  author={Kazuhiko Minematsu},
  year=2020
}