M Bellare, B Tackmann - Advances in Cryptology–CRYPTO 2016: 36th …, 2016 - Springer
We initiate the study of multi-user (mu) security of authenticated encryption (AE) schemes as a way to rigorously formulate, and answer, questions about the “randomized nonce” …
This paper revisits the multi-user (mu) security of symmetric encryption, from the perspective of delivering an analysis of the AES-GCM-SIV AEAD scheme. Our end result shows that its …
A new approach to invariant subspaces and nonlinear invariants is developed. This results in both theoretical insights and practical attacks on block ciphers. It is shown that, with minor …
N Koblitz, A Menezes - Cryptology ePrint Archive, 2019 - eprint.iacr.org
Contents Page 1 CRITICAL PERSPECTIVES ON PROVABLE SECURITY: FIFTEEN YEARS OF “ANOTHER LOOK” PAPERS NEAL KOBLITZ AND ALFRED MENEZES Abstract. We give an …
The ChaCha20-Poly1305 AEAD scheme is being increasingly widely deployed in practice. Practitioners need proven security bounds in order to set data limits and rekeying intervals …
R Ueno, N Homma, A Inoue… - IACR Transactions on …, 2024 - tches.iacr.org
This paper presents a provably secure, higher-order, and leakage-resilient (LR) rekeying scheme named LR Rekeying with Random oracle Repetition (LR4), along with a …
We draw attention to a gap between theory and usage of nonce-based symmetric encryption, under which the way the former treats nonces can result in violation of privacy in …
In Internet security protocols including TLS 1.3, KEMTLS, MLS and Noise, HMAC is being assumed to be a dual-PRF, meaning a PRF not only when keyed conventionally (through its …
VT Hoang, S Tessaro, A Thiruvengadam - Proceedings of the 2018 ACM …, 2018 - dl.acm.org
Multi-user (mu) security considers large-scale attackers (eg, state actors) that given access to a number of sessions, attempt to compromise at least one of them. Mu security of …