Reconsidering the Security Bound of AES-GCM-SIV

Tetsu Iwata ,Yannick Seurin

doi:10.13154/tosc.v2017.i4.240-267

Reconsidering the Security Bound of AES-GCM-SIV

Tetsu Iwata , Yannick Seurin

https://doi.org/10.13154/tosc.v2017.i4.240-267

Copy DOI

Journal: IACR Cryptology ePrint Archive	Publication Date: Dec 15, 2017
Citations: 4

Affiliation: Nagoya University, Agence Nationale de Sécurité du Médicament et des Produits de Santé

#Key Derivation Function #Crypto + Show 8 more

Abstract
Full-Text
Similar Papers

Abstract

We make a number of remarks about the AES-GCM-SIV nonce-misuse resistant authenticated encryption scheme currently considered for standardization by the Crypto Forum Research Group (CFRG). First, we point out that the security analysis proposed in the ePrint report 2017/168 is incorrect, leading to overly optimistic security claims. We correct the bound and re-assess the security guarantees offered by the scheme for various parameters. Second, we suggest a simple modification to the key derivation function which would improve the security of the scheme with virtually no efficiency penalty.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title

Journal

Date

Author

View more papers

More From: IACR Cryptology ePrint Archive

Paper Title

Journal

Date

Author

View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.