Abstract
The Competition for Authenticated Encryption: Security, Applicability, and Robustness (CAESAR) supported by the National Institute of Standards and Technology (NIST) is an ongoing project calling for submissions of authenticated encryption (AE) schemes. The competition itself aims at enhancing both the design of AE schemes and related analysis. The design goal is to pursue new AE schemes that are more secure than advanced encryption standard with Galois/counter mode (AES-GCM) and can simultaneously achieve three design aspects: security, applicability, and robustness. The competition has a total of three rounds and the last round is approaching the end in 2018. In this survey paper, we first introduce the requirements of the proposed design and the progress of candidate screening in the CAESAR competition. Second, the candidate AE schemes in the final round are classified according to their design structures and encryption modes. Third, comprehensive performance and security evaluations are conducted on these candidates. Finally, the research trends of design and analysis of AE for the future are discussed.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Abdellatif KM, Chotin-Avot R, Mehrez H, 2017. AES-GCM and AEGIS: efficient and high speed hardware implementations. J Signal Proc Syst, 88(1):1–12. https://doi.org/10.1007/s11265-016-1104-y
Agrawal M, Chang D, Sanadhya SK, 2017. A new authenticated encryption technique for handling long ciphertexts in memory constrained devices. Int J Appl Cryptogr, 3(3):236–261. https://doi.org/10.1504/IJACT.2017.086223
Al Mahri HQ, Simpson L, Bartlett H, et al., 2016. Tweaking generic OTR to avoid forgery attacks. Proc 6th Int Conf on Applications and Techniques in Information Security, p.41–53. https://doi.org/10.1007/978-981-10-2741-3_4
Al Mahri HQ, Simpson L, Bartlett H, et al., 2017. A fault-based attack on AEZ v4.2. Proc IEEE Trustcom/ BigDataSE/ICESS, p.634–641. https://doi.org/10.1109/trustcom/bigdatase/icess.2017.294
Andreeva E, Bogdanov A, Luykx A, et al., 2015. AES-COPA v.2. CAESAR Submission.
Andreeva E, Bogdanov A, Luykx A, et al., 2016a. AESCOPA v.1. Submission to the CAESAR competition.
Andreeva E, Bogdanov A, Datta N, 2016b. ELmD v2.1. CAESAR Third Round Submission.
Ashur T, Eichlseder M, Lauridsen MM, et al., 2018. Cryptanalysis of MORUS. Int Conf on the Theory and Application of Cryptology and Information Security, p.35–64.
Aumasson JP, Jovanovic P, Neves S, 2014a. Analysis of NORX: investigating differential and rotational properties. Proc 3rd Int Conf on Cryptology and Information Security in Latin America, p.306–324. https://doi.org/10.1007/978-3-319-16295-9_17
Aumasson JP, Jovanovic P, Neves S, 2014b. NORX: parallel and scalable AEAD. Proc 19th European Symp on Research in Computer Security, p.19–36. https://doi.org/10.1007/978-3-319-11212-1_2
Aumasson JP, Jovanovic P, Neves S, 2015. NORX v3.0. Submission to CAESAR (2016).
Bagheri N, Huang T, Jia KT, et al., 2016. Cryptanalysis of reduced NORX. Proc 23rd Int Conf on Fast Software Encryption, p.554–574. https://doi.org/10.1007/978-3-662-52993-5_28
Banik S, Bogdanov A, Minematsu K, 2016. Low-area hardware implementations of CLOC, SILC and AES-OTR. IEEE Int Symp on Hardware Oriented Security and Trust, p.71–74. https://doi.org/10.1109/HST.2016.7495559
Bay A, Ersoy O, Karakoç F, 2016. Universal forgery and key recovery attacks on ELmD authenticated encryption algorithm. Proc 22nd Int Conf on the Theory and Application of Cryptology and Information Security, p.354–368. https://doi.org/10.1007/978-3-662-53887-6_13
Bellare M, Namprempre C, 2008. Authenticated encryption: relations among notions and analysis of the generic composition paradigm. J Cryptol, 21(4):469–491. https://doi.org/10.1007/s00145-008-9026-x
Bellare M, Rogaway P, Wagner D, 2003. A conventional authenticated-encryption mode. Manuscript.
Bellare M, Rogaway P, Spies T, 2010. The FFX mode of operation for format-preserving encryption. NIST Submission.
Berti F, Koeune F, Pereira O, et al., 2016. Leakage-resilient and misuse-resistant authenticated encryption. IACR Cryptology ePrint Archive: Report 2016/996.
Bertoni G, Daemen J, Peeters M, et al., 2011. Duplexing the sponge: single-pass authenticated encryption and other applications. Int Workshop on Selected Areas in Cryptography, p.320–337. https://doi.org/10.1007/978-3-642-28496-0_19
Bertoni G, Daemen J, Peeters M, et al., 2015. Keyak v2. CAESAR Submission.
Berton G, Daemen J, Peeters M, et al., 2016. Ketje v2. CAESAR Submission.
Bhaumik R, Nandi M, 2017. Improved security for OCB3. Proc 23rd Int Conf on the Theory and Application of Cryptology and Information Security, p.638–666. https://doi.org/10.1007/978-3-319-70697-9_22
Bi WQ, Li Z, Dong XY, et al., 2017. Conditional cube attack on round-reduced River Keyak. Des Code Cryptogr, 86(6):1295–1310. https://doi.org/10.1007/s10623-017-0396-7
Biryukov A, Udovenko A, Velichkov V, 2017. Analysis of the NORX Core Permutation. IACR Cryptology ePrint Archive: Report 2017/034.
Bonnetain X, 2017. Quantum key recovery on full AEZ. Proc 24th Int Conf on Selected Areas in Cryptography, p.394–406. https://doi.org/10.1007/978-3-319-72565-9_20
Bossuet L, Datta N, Mancillas-López C, et al., 2016. ELmD: a pipelineable authenticated encryption and its hardware implementation. IEEE Trans Comp, 65(11):3318–3331. https://doi.org/10.1109/TC.2016.2529618
Bost R, Sanders O, 2016. Trick or tweak: on the (in)security of OTR’s tweaks. Proc 22nd Int Conf on the Theory and Application of Cryptology and Information Security, p.333–353. https://doi.org/10.1007/978-3-662-53887-6_12
Chaigneau C, Gilbert H, 2016. Is AEZ v4.1 sufficiently resilient against key-recovery attacks? IACR Trans Symmetr Cryptol, 2016(1):114–133. https://doi.org/10.13154/tosc.v2016.i1.114-13.
Chaigneau C, Thomas F, Gilbert H, 2015. Full key-recovery on ACORN in nonce-reuse and decryption-misuse settings. Posed on the Crypto-Competition Mailing List.
Cid C, Huang T, Peyrin T, et al., 2017. A security analysis of deoxys and its internal tweakable block ciphers. IACR Trans Symmetr Cryptol, 2017(3):73–107. https://doi.org/10.13154/tosc.v2017.i3.73-10.
Clift P, 2014. Hardware Implementation of Offset Codebook Mode3 (OCB3). MS Thesis, California State University, Sacramento, USA.
Dalai DK, Roy D, 2017. A state recovery attack on ACORNv1 and ACORN-v2. Proc 11th Int Conf on Network and System Security, p.332–345. https://doi.org/10.1007/978-3-319-64701-2_24
Das S, Maitra S, Meier W, 2015. Higher order differential analysis of NORX. IACR Cryptology ePrint Archive: Report 2015/186.
Deshpande S, Gaj K, 2017. Analysis and inner-round pipelined implementation of selected parallelizable CAESAR competition candidates. Euromicro Conf on Digital System Design, p.274–282. https://doi.org/10.1109/DSD.2017.80
Dey P, Rohit RS, Adhikari A, 2016a. Full key recovery of ACORN with a single fault. J Inform Secur Appl, 29:57–64. https://doi.org/10.1016/j.jisa.2016.03.003
Dey P, Rohit RS, Sarkar S, et al., 2016b. Differential fault analysis on Tiaoxin and AEGIS family of ciphers. Proc 4th Int Symp on Security in Computing and Communication, p.74–86. https://doi.org/10.1007/978-981-10-2738-3_7
Dinur I, Morawiecki P, Pieprzyk J, et al., 2015. Cube attacks and cube-attack-like cryptanalysis on the round-reduced Keccak sponge function. Proc 34th Annual Int Conf on the Theory and Applications of Cryptographic Techniques, p.733–761. https://doi.org/10.1007/978-3-662-46800-5_28
Dobraunig C, Eichlseder M, Korak T, et al., 2016a. Practical fault attacks on authenticated encryption modes for AES. IACR Cryptology ePrint Archive: Report 2016/616.
Dobraunig C, Eichlseder M, Korak T, et al., 2016b. Statistical fault attacks on nonce-based authenticated encryption schemes. Proc 22nd Int Conf on the Theory and Application of Cryptology and Information Security, p.369–395. https://doi.org/10.1007/978-3-662-53887-6_14
Dobraunig C, Eichlseder M, Mendel F, et al., 2016c. Ascon v1.2. Submission to the CAESAR Competition.
Dobraunig C, Eichlseder M, Mangard S, et al., 2017. ISAP—towards side-channel secure authenticated encryption. IACR Trans Symmetr Cryptol, 2017(1):80–105. https://doi.org/10.13154/tosc.v2017.i1.80-10.
Dong XY, Li Z, Wang XY, et al., 2017. Cube–like attack on round-reduced initialization of Ketje Sr. IACR Trans Symmetr Cryptol, 2017(1):259–280. https://doi.org/10.13154/tosc.v2017.i1.259-28.
Dwivedi AD, Klouček M, Morawiecki P, et al., 2016. SAT-based cryptanalysis of authenticated ciphers from the CAESAR competition. IACR Cryptology ePrint Archive: Report 2016/1053.
Dwivedi AD, Morawiecki P, Wójtowicz S, 2017. Differential and rotational cryptanalysis of round-reduced MORUS. Proc 14th Int Joint Conf on e-Business and Telecommunications, p.275–284. https://doi.org/10.5220/0006411502750284
Dwivedi AD, Klouček M, Morawiecki P, et al., 2016. SAT-based cryptanalysis of authenticated ciphers from the CAESAR competition. IACR Cryptology ePrint Archive: Report 2016/1053.
Dworkin M, 2016. Recommendation for block cipher modes of operation: methods for format-preserving encryption. NIST Special Publication 800-38G.
Ertaul L, Sravya KL, Sanka N, 2016. Implementation of authenticated encryption algorithm offset code book (OCB). Proc Int Conf on Wireless Networks, p.78–84.
Farahmand F, Diehl W, Abdulgadir A, et al., 2018. Improved lightweight implementations of CAESAR authenticated ciphers. Cryptology ePrint Archive: Report 2018/573.
Forler C, List E, Lucks S, et al., 2017. Reforgeability of authenticated encryption schemes. Proc 22nd Australasian Conf on Information Security and Privacy, p.19–37. https://doi.org/10.1007/978-3-319-59870-3_2
Fuhr T, Leurent G, Suder V, 2014. Collision attacks against CAESAR candidates. Proc 21st Int Conf on the Theory and Application of Cryptology and Information Security, p.510–532. https://doi.org/10.1007/978-3-662-48800-3_21
Fuhr T, Naya-Plasencia M, Rotella Y, 2018. State-recovery attacks on modified Ketje Jr. IACR Trans Symmetr Cryptol, 2018(1):29–56. https://doi.org/10.13154/tosc.v2018.i1.29-5.
Gligor VDP, 2016. Extended cipher block chaining encryption. Submission to NIST.
Gligor VD, Donescu P, 2001. Fast encryption and authentication: XCBC encryption and XECB authentication modes. Int Workshop on Fast Software Encryption, p.92–108.
Groß H, Wenger E, Dobraunig C, et al., 2015. Suit up!-Madeto-measure hardware implementations of ASCON. Euromicro Conf on Digital System Design, p.645–652. https://doi.org/10.1109/DSD.2015.14
Gross H, Wenger E, Dobraunig C, et al., 2017. ASCON hardware implementations and side-channel evaluation. Microprocess Microsyst, 52:470–479. https://doi.org/10.1016/j.micpro.2016.10.006
Halevi S, 2004. EME*: extending EME to handle arbitrarylength messages with associated data. Proc 5th Int Conf on Cryptology in India, p.315–327. https://doi.org/10.1007/978-3-540-30556-9_25
Halevi S, Rogaway P, 2004. A parallelizable enciphering mode. Cryptographers’ Track at the RSA Conf, p.292–304. https://doi.org/10.1007/978-3-540-24660-2_23
Hellström H, StreamSec H, 2001. Propagating cipher feedback mode. Proc 2nd NIST Modes of Operation Workshop.
Hoang VT, Krovetz T, Rogaway P, 2014. AEZ v1: authenticated-encryption by enciphering. CAESAR 1st Round.
Hoang VT, Krovetz T, Rogaway P, 2015. Robust authenticated-encryption AEZ and the problem that it solves. Proc 34th Annual Int Conf on the Theory and Applications of Cryptographic Techniques, p.15–44. https://doi.org/10.1007/978-3-662-46800-5_2
Hoang VT, Krovetz T, Rogaway P, 2016. AEZ v4. 2: authenticated encryption by enciphering. CAESAR Submission.
Huang T, Wu HJ, 2018. Distinguishing attack on NORX permutation. IACR Trans Symmetr Cryptol, 2018(1):57–73. https://doi.org/10.13154/tosc.v2018.i1.57-7.
Hwang S, Lee C, 2015. Padding Oracle attack on block cipher with CBCCBC-double mode of operation using the BOZ-PAD. J Soc e-Buss Stud, 20(1):89–97. https://doi.org/10.7838/jsebs.2015.20.1.089
Iwata T, Minematsu K, Guo J, et al., 2014. SILC: simple lightweight CFB. Submission to the CAESAR Competition.
Jean J, Nikolić I, Peyrin T, et al., 2016. Deoxys v1.41. Submitted to CAESAR.
Josh RJ, Sarkar S, 2015. Some observations on ACORN v1 and Trivia-SC. Lightweight Cryptography Workshop, p.20–21.
Jovanovic P, Luykx A, Mennink B, 2014. Beyond 2c/2 security in sponge-based authenticated encryption modes. Proc 20th Int Conf on the Theory and Application of Cryptology and Information Security, p.85–104. https://doi.org/10.1007/978-3-662-45611-8_5
Jutla CS, 2001. Encryption modes with almost free message integrity. Int Conf on the Theory and Applications of Cryptographic Techniques, p.529–544.
Jutla CS, 2016a. Integrity aware cipher block chaining. Submission to NIST.
Jutla CS, 2016b. Integrity aware parallelizable mode. Submission to NIST.
Kaushal PK, Sobti R, Geetha G, 2012. Random Key Chaining (RKC): AES mode of operation. Int J Appl Inform Syst, 1(5):39–45. https://doi.org/10.5120/ijais12-45018.
Kohno T, 2003. Carter Wegman (authentication) with Counter (encryption). https://doi.org/csrc.nist.gov/CryptoToolkit/modes/proposedmodes/cwc/cwc-spec.pdf
Kotegawa M, Iwai K, Tanaka H, et al., 2016. Optimization of hardware implementations with high-level synthesis of authenticated encryption. Bull Netw Comput Syst Soft, 5(1):26–33.
Koteshwara S, Das A, Parhi KK, 2017. FPGA implementation and comparison of AES-GCM and Deoxys authenticated encryption schemes. IEEE Int Symp on Circuits and Systems, p.1–4. https://doi.org/10.1109/ISCAS.2017.8050315
Krovetz T, Rogaway P, 2016. OCB (v1.1). https://doi.org/competitions.cr.yp.to/round3/ocbv11.pdf
Kumar S, Haj-Yahya J, Chattopadhyay A, 2018. Efficient hardware accelerator for NORX authenticated encryption. IEEE Int Symp on Circuits and Systems, p.1–5. https://doi.org/10.1109/ISCAS.2018.8351145
Lafitte F, Lerman L, Markowitch O, et al., 2016. SAT-based cryptanalysis of ACORN. IACR Cryptology ePrint Archive: Report 2016/521.
Li Z, Dong XY, Wang XY, 2017. Conditional cube attack on round-reduced ASCON. IACR Trans Symmetr Cryptol, 2017(1):175–202. https://doi.org/10.13154/tosc.v2017.i1.175-20.
Liskov M, Rivest RL, Wagner D, 2002. Tweakable block ciphers. Proc 22nd Annual Int Cryptology Conf, p.31–46. https://doi.org/10.1007/3-540-45708-9_3
Liskov M, Rivest RL, Wagner D, 2011. Tweakable block ciphers. J Cryptol, 24(3):588–613. https://doi.org/10.1007/s00145-010-9073-y
Liu FB, Liu FM, 2017. Universal forgery and key recovery attacks: application to FKS, FKD and Keyak. Cryptology ePrint Archive: Report 2017/691.
Liu MC, Lin DD, 2014. Cryptanalysis of lightweight authenticated cipher ACORN. Posed on the Crypto-Competition Mailing List.
Lu JQ, 2015. On the security of the COPA and marble authenticated encryption algorithms against (almost) universal forgery attack. IACR Cryptology ePrint Archive: Report 2015/079.
Lu JQ, 2017. Almost universal forgery attacks on the COPA and marble authenticated encryption algorithms. Proc ACM Asia Conf on Computer and Communications Security, p.789–799. https://doi.org/10.1145/3052973.3052981
Mary DSN, Begum AT, 2017. An algorithm for moderating DoS attack in web based application. Int Conf on Technical Advancements in Computers and Communications, p.26–31. https://doi.org/10.1109/ICTACC.2017.17
McGrew D, Viega J, 2004. The Galois/counter mode of operation (GCM). Submission to NIST Modes of Operation Process.
McKay KA, Bassham LE, Turan MS, et al., 2017. Report on lightweight cryptography. NIST.
Mehrdad A, Moazami F, Soleimany H, 2018. Impossible differential cryptanalysis on deoxys-BC-256. Cryptology ePrint Archive, Report 2018/048.
Mennink B, 2017. Weak keys for AEZ, and the external key padding attack. Cryptographers’ Track at the RSA Conf, p.223–237. https://doi.org/10.1007/978-3-319-52153-4_13
Mennink B, Reyhanitabar R, Vizár D, 2015. Security of full-state keyed sponge and duplex: applications to authenticated encryption. Int Conf on the Theory and Application of Cryptology and Information Security, p.465–489. https://doi.org/10.1007/978-3-662-48800-3_19
Meyers M, Daemen J, Batina L, 2017. Side channel protected Keyak on ARM cortex-M4. https://doi.org/www.cs.ru.nl/bachelors-theses/2017/Martin_Meyers_4497899_Side_channel_protected_Keyak_on_ARM_Cortex-M4.pdf
Mileva A, Dimitrova V, Velichkov V, 2015. Analysis of the authenticated cipher MORUS (v1). Proc 2nd Int Conf on Cryptography and Information Security in the Balkans, p.45–59. https://doi.org/10.1007/978-3-319-29172-7_4
Minaud B, 2014. Linear biases in AEGIS keystream. Proc 21st Int Conf on Selected Areas in Cryptography, p.290–305. https://doi.org/10.1007/978-3-319-13051-4_18
Minematsu K, 2014. Parallelizable rate-1 authenticated encryption from pseudorandom functions. Proc 33rd Annual Int Conf on the Theory and Applications of Cryptographic Techniques, p.275–292. https://doi.org/10.1007/978-3-642-55220-5_16
Minematsu K, 2016. AES-OTR v3.1. Japan Submission to CAESAR, NEC Corporation.'
Minematsu K, Guo J, Kobayashi E, 2016. CLOC and SILC. https://doi.org/competitions.cr.yp.to/round3/clocsilcv3.pdf
Moise A, Beroset E, Phinney T, et al., 2011. EAX’ Cipher Mode. NIST.
Morawiecki P, Pieprzyk J, Straus M, et al., 2015. Applications of key recovery cube-attack-like. IACR Cryptology ePrint Archive: Report 2015/1009.
Nandi M, 2015. Revisiting security claims of XLS and COPA. IACR Cryptology ePrint Archive: Report 2015/444.
Nikolić I, 2016. Tiaoxin v2.1. CAESAR Third Round Submission.
Pereira O, Standaert FX, Vivek S, 2015. Leakage-resilient authentication and encryption from symmetric cryptographic primitives. Proc 22nd ACM SIGSAC Conf on Computer and Communications Security, p.96–108. https://doi.org/10.1145/2810103.2813626
Peyrin T, Sim SM, Wang L, et al., 2015. Cryptanalysis of JAMBU. Proc 22nd Int Workshop on Fast Software Encryption, p.264–281. https://doi.org/10.1007/978-3-662-48116-5_13
Pub F, 1980. DES Modes of Operation. https://doi.org/csrc.nist.gov/publications/detail/fips/81/archive/1980-12-0.
Recacha F, 2016. Input and output chaining. Submission to NIST.
Rivain M, Prouff E, 2010. Provably secure higher-order masking of AES. Proc 12th Int Workshop on Cryptographic Hardware and Embedded Systems, p.413–427. https://doi.org/10.1007/978-3-642-15031-9_28
Rogaway P, 2004. Efficient instantiations of tweakable blockciphers and refinements to modes OCB and PMAC. Proc 10th Int Conf on the Theory and Application of Cryptology and Information Security, p.16–31. https://doi.org/10.1007/978-3-540-30539-2_2
Rogaway P, 2016. Offset codebook. Submission to NIST.
Rogaway P, Shrimpton T, 2007. The SIV mode of operation for deterministic authenticated-encryption (key wrap) and misuse-resistant nonce-based authenticatedencryption. https://doi.org/web.cs.ucdavis.edu/rogaway/papers/siv.pdf
Rogaway P, Bellare M, Black J, et al., 2001. OCB Mode. IACR Cryptology ePrint Archive.
Rott J, 2010. IntelAdvanced Encryption Standard Instructions (AES-NI). Technical Report, Intel.
Roy DB, Chakraborti A, Chang D, et al., 2016. Fault based almost universal forgeries on CLOC and SILC. Proc 6th Int Conf on Security, Privacy, and Applied Cryptography Engineering, p.66–86. https://doi.org/10.1007/978-3-319-49445-6_4
Roy DB, Chakraborti A, Chang D, et al., 2017. Two efficient fault-based attacks on CLOC and SILC. J Hardw Syst Secur, 1(3):252–268. https://doi.org/10.1007/s41635-017-0022-1
Sadeghi H, Alizadeh J, 2014. A forgery attack on AES-OTR.
Salam I, Simpson L, Bartlett H, et al., 2017. Investigating cube attacks on the authenticated encryption stream cipher MORUS. IEEE Trustcom/BigDataSE/ICESS, p.961–966. https://doi.org/10.1109/trustcom/bigdatase/icess.2017.337
Salam I, Al Mahri HQ, Simpson L, et al., 2018a. Fault attacks on Tiaoxin-346. Proc Australasian Computer Science Week Multiconf, Article 5. https://doi.org/10.1145/3167918.3167940
Salam I, Simpson L, Bartlett H, et al., 2018b. Fault attacks on the authenticated encryption stream cipher MORUS. Cryptography, 2(1), Article 4. https://doi.org/10.3390/cryptography2010004
Salam MI, Bartlett H, Dawson E, et al., 2016a. Investigating cube attacks on the authenticated encryption stream cipher ACORN. Proc 6th Int Conf on Applications and Techniques in Information Security, p.15–26. https://doi.org/10.1007/978-981-10-2741-3_2
Salam MI, Wong KKH, Bartlett H, et al., 2016b. Finding state collisions in the authenticated encryption stream cipher ACORN. Proc Australasian Computer Science Week Multiconf, Article 36.
Samwel N, Daemen J, 2017. DPA on hardware implementations of Ascon and Keyak. Proc Computing Frontiers Conf, p.415–424. https://doi.org/10.1145/3075564.3079067
Sasaki Y, 2018. Improved related-tweakey boomerang attacks on deoxys-BC. Progress in Cryptology-AFRICACRYPT, p.87–106. https://doi.org/10.1007/978-3-319-89339-6_6
Schroeppel RC, Anderson WE, Beaver CL, et al., 2004. Cipher-state (CS) mode of operation for AES. Submission to NIST.
Shi TR, Guan J, Li JZ, et al., 2016. Improved collision cryptanalysis of authenticated cipher MORUS. Proc 2nd Int Conf on Artificial Intelligence and Industrial Engineering, p.429–432. https://doi.org/10.2991/aiie-16.2016.98
Shi TR, Jin CH, Guan J, 2018. Collision attacks against AEZ-PRF for authenticated encryption AEZ. China Commun, 15(2):46–53. https://doi.org/10.1109/CC.2018.8300271
Siddhanti A, Sarkar S, Maitra S, et al., 2017. Differential fault attack on grain v1, ACORN v3 and lizard. Proc 7th Int Conf on Security, Privacy, and Applied Cryptography Engineering, p.247–263. https://doi.org/10.1007/978-3-319-71501-8_14
Song L, Guo J, Shi DP, et al., 2017. New MILP modeling: improved conditional cube attacks on Keccakbased constructions. Cryptology ePrint Archive: Report 2017/1030.
Stoffelen K, 2015. Intrinsic Side-Channel Analysis Resistance and Efficient Masking. MS Thesis, Radboud University, Nijmegen, the Netherlands.
Sun ZL, Wang P, Zhang LT, 2012. Collision attacks on variant of OCB mode and its series. Proc 8th Int Conf on Information Security and Cryptology, p.216–224. https://doi.org/10.1007/978-3-642-38519-3_14
Unterluggauer T, Werner M, Mangard S, 2018. MEAS: memory encryption and authentication secure against sidechannel attacks. J Cryptogr Eng, 2018(1):1–22. https://doi.org/10.1007/s13389-018-0180-2
Vaudenay S, Vizár D, 2017. Under pressure: security of Caesar candidates beyond their guarantees. Cryptology ePrint Archive: Report 2017/1147.
Veyrat-Charvillon N, Medwed M, Kerckhof S, et al., 2012. Shuffling against side-channel attacks: a comprehensive study with cautionary note. Proc 18th Int Conf on the Theory and Application of Cryptology and Information Security, p.740–757. https://doi.org/10.1007/978-3-642-34961-4_44
Wang G, Zhang HY, Liu FM, 2017. Security proof of JAMBU under nonce respecting and nonce misuse cases. Cryptology ePrint Archive: Report 2017/831.
Wang HR, He H, Zhang WZ, 2018. Demadroid: object reference graph-based malware detection in Android. Secur Commun Netw, Article 7 064 131. https://doi.org/10.1155/2018/7064131
Wegman MN, Carter JL, 1981. New hash functions and their use in authentication and set equality. J Comp Syst Sci, 22(3):265–279. https://doi.org/10.1016/0022-0000(81)90033-7
Wetzels J, Bokslag W, 2015. Sponges and engines: an introduction to Keccak and Keyak. https://doi.org/arxiv.org/abs/1510.02856
Whiting D, Housley R, Ferguson N, 2003. Counter with CBC-MAC (CCM). Network Working Group.
Wu HJ, 2016. ACORN: a lightweight authenticated cipher (v3). Candidate for the CAESAR Competition.
Wu HJ, Huang T, 2014. JAMBU lightweight authenticated encryption mode and AES-JAMBU. CAESAR Competition Proposal.
Wu HJ, Huang T, 2016. The authenticated cipher MORUS (v2). https://doi.org/competitions.cr.yp.to/round3/morusv2.pdf
Wu HJ, Preneel B, 2013. AEGIS: a fast authenticated encryption algorithm. Proc 20th Int Conf on Selected Areas in Cryptography, p.185–201. https://doi.org/10.1007/978-3-662-43414-7_10
Xue L, 2016. A Novel Approach for Flexray Protocol with Confidentiality and Authenticity. MS Thesis, National University of Singapore, Singapore.
Yalla P, Kaps JP, 2017. Evaluation of the CAESAR hardware API for lightweight implementations. Int Conf on Re-ConFigurable Computing and FPGAs (ReConFig), p.1–6. https://doi.org/10.1109/RECONFIG.2017.8279790
Zhang P, Guan J, Li JZ, et al., 2015. Research on the confusion and diffusion properties of the initialization of MORUS. J Cryptol Res, 2(6):536–548 (in Chinese). https://doi.org/10.13868/j.cnki.jcr.000100
Zhang P, Wang P, Hu HG, 2016. The INT-RUP security of OCB with intermediate (Parity) checksum. IACR Cryptology ePrint Archive: Report 2016/1059.
Zhang T, Li Q, Zhang CS, et al., 2017. Current trends in the development of intelligent unmanned autonomous systems. Front Inform Technol Electron Eng, 18(1):68–85. https://doi.org/10.1631/FITEE.1601650
Zhang WZ, Li X, Xiong NX, et al., 2016. Android platformbased individual privacy information protection system. Pers Ubiq Comp, 20(6):875–884. https://doi.org/10.1007/s00779-016-0966-0
Zhang XJ, Feng XT, Lin DD, 2017. Fault attack on the authenticated cipher ACORN v2. Secur Commun Netw, Article 3 834 685. https://doi.org/10.1155/2017/3834685
Zhang XJ, Feng XT, Lin DD, 2018. Fault attack on ACORN v3. Comp J, 61(8):1166–1179. https://doi.org/10.1093/comjnl/bxy044
Author information
Authors and Affiliations
Corresponding author
Additional information
Project supported by the National Natural Science Foundation of China (Nos. 61472357 and 61571063), the Open Fund of State Key Laboratory of Cryptology, the Major Scientific Research Project of Zhejiang Lab, and the Alibaba-Zhejiang University Joint Institute of Frontier Technologies
Rights and permissions
About this article
Cite this article
Zhang, F., Liang, Zy., Yang, Bl. et al. Survey of design and security evaluation of authenticated encryption algorithms in the CAESAR competition. Frontiers Inf Technol Electronic Eng 19, 1475–1499 (2018). https://doi.org/10.1631/FITEE.1800576
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1631/FITEE.1800576