Conference papers

Indifferentiable Authenticated Encryption

Abstract : We study Authenticated Encryption with Associated Data (AEAD) from the viewpoint of composition in arbitrary (single-stage) environments. We use the indifferentiability framework to formalize the intuition that a "good" AEAD scheme should have random ciphertexts subject to decryptability. Within this framework, we can then apply the indifferentiability composition theorem to show that such schemes offer extra safeguards wherever the relevant security properties are not known, or cannot be predicted in advance, as in general-purpose crypto libraries and standards. We show, on the negative side, that generic composition (in many of its configurations) and well-known classical and recent schemes fail to achieve indifferentiability. On the positive side, we give a provably indifferentiable Feistel-based construction, which reduces the round complexity from at least 6, needed for blockciphers, to only 3 for encryption. This result is not too far off the theoretical optimum as we give a lower bound that rules out the indifferentiability of any construction with less than 2 rounds.
Document type : Conference papers

Cited literature [75 references]

Contributor : Pooya Farshim
Submitted on : Wednesday, October 24, 2018 - 5:40:50 PM
Last modification on : Friday, April 22, 2022 - 11:42:05 AM
Long-term archiving on : Friday, January 25, 2019 - 3:15:37 PM


Files produced by the author(s)




Manuel Barbosa, Pooya Farshim. Indifferentiable Authenticated Encryption. Advances in Cryptology – CRYPTO 2018, Aug 2018, Santa Barbara, United States. ⟨10.1007/978-3-319-96884-1_7⟩. ⟨hal-01904141⟩


