Abstract
Authenticated encryption (AE) is a cryptographic construction that simultaneously protects confidentiality and integrity. A considerable amount of research has been devoted to the area since its formal inception in 2000. Different lines of research have been proposed to enhance the available schemes in terms of security, efficiency, and design and to implement new ideas. However, a comprehensive systematic literature review (SLR) of the topic has not been provided to the best of the authors’ knowledge. This study fills this gap in the literature by proposing a framework for classifying AE schemes and highlighting past contributions to help researchers familiarize themselves with the current state and directions for future research in the area. This SLR covered AE schemes proposed from 2000 to 2020. A total of 217 articles, selected from eight sources, were categorized into independent schemes, CAESAR competition schemes, and NIST lightweight competition schemes. These schemes were then classified according to their design approaches, security-related properties, and functional features. Our analysis reveals that a significant outstanding challenge in AE is to balance security, efficiency, and the provision of desirable features.
Highlights
We propose a framework for classifying authenticated encryption (AE) schemes and apply it to the winners of the CAESAR competition in 2019, as well as the National Institute of Standards and Technology (NIST)-LW finalists announced on March 29, 2021
Category A consisted of schemes that were not part of the CAESAR or the NIST competition
Category C contained schemes that were part of the NIST Lightweight AE Competition; they started appearing in 2019, and the finalists were announced in March 2021
Summary
A. BACKGROUND Encryption primitives used in block and stream ciphers guarantee only the confidentiality of the messages, i.e., unauthorized entities cannot view the messages. BACKGROUND Encryption primitives used in block and stream ciphers guarantee only the confidentiality of the messages, i.e., unauthorized entities cannot view the messages Such primitives cannot be naively used in secure communication because it is trivial for an adversary to tamper with the encrypted message (i.e., ciphertext) without being detected. This problem can be resolved by using authenticated encryption (AE) schemes. An AE scheme ensures the integrity and authenticity of the transmitted message.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
