Skip to Main content Skip to Navigation
Preprints, Working Papers, ...

Forgery and Key-Recovery Attacks on CAESAR Candidate Marble

Abstract : The CAESAR competition, which started in 2014, aims at providing a new standard of authenticated encryption. In this paper, we perform an analysis of the candidate Marble. We show a generic attack on the Marble mode of operation (independent of the E transformations), where we recover the whitening key L, and perform forgeries using 2^64 chosen plaintext queries. Considering the specific internal primitives used in Marble (composed of 4 AES rounds), we also show how to recover the secret key using 2^32 additional decryption queries, in the decryption-misuse setting (where we can decipher plaintexts without valid tags).
Document type :
Preprints, Working Papers, ...
Complete list of metadata
Contributor : Gaëtan Leurent Connect in order to contact the contributor
Submitted on : Sunday, January 11, 2015 - 11:17:27 PM
Last modification on : Tuesday, January 11, 2022 - 11:16:24 AM
Long-term archiving on: : Friday, September 11, 2015 - 6:32:46 AM


Files produced by the author(s)


  • HAL Id : hal-01102031, version 1


Thomas Fuhr, Gaëtan Leurent, Valentin Suder. Forgery and Key-Recovery Attacks on CAESAR Candidate Marble. 2015. ⟨hal-01102031v1⟩



Les métriques sont temporairement indisponibles