cycle counts for authenticated encryption d j bernstein
play

Cycle counts for authenticated encryption D. J. Bernstein - PDF document

Dec 02, 2022 •281 likes •323 views

Cycle counts for authenticated encryption D. J. Bernstein http://cr.yp.to /streamciphers /timings.html Standard construction: encrypt with stream cipher; authenticate the ciphertext by appending encrypted hash. How to hash the ciphertext?

  1. Cycle counts for authenticated encryption D. J. Bernstein http://cr.yp.to /streamciphers /timings.html

  2. Standard construction: encrypt with stream cipher; authenticate the ciphertext by appending encrypted hash. How to hash the ciphertext? 1 ) + 2 ) + 3 ; AES(AES( MD5 with a secret IV; Poly1305, provable, fast; UMAC, faster given SSE2; VMAC, faster given AMD64; Badger; MAC1071; etc. How to encrypt the hash? The same stream cipher; MD5, secret IV; AES; etc.

  3. Cost of standard construction is cost of stream cipher plus cost of encrypted hash plus various overheads: e.g. cache misses (non-orthogonal). Alternative constructions? eSTREAM solicited schemes. Responses: NLS, Phelix, etc. Is an authenticating cipher, such as Phelix, faster than the standard construction? Previous eSTREAM timings didn’t include hash costs.

  4. Maybe the fastest AE scheme depends on the situation. Decrypting legitimate packets? Rejecting forged packets? Small packets? Large packets? More packet-size effects? Many keys active at once? Only one key? Pentium III? Pentium 4? Athlon? UltraSPARC III? PowerPC G5? Athlon 64 X2? Core 2 Duo? Let’s measure everything!

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Goals of Encryption authenticated encryption sender Daniel J. Bernstein

Goals of Encryption authenticated encryption sender Daniel J. Bernstein

Goals of Encryption authenticated encryption sender Daniel J. Bernstein University of Illinois at Chicago & m Technische Universiteit Eindhoven c k More details, credits: competitions.cr.yp.to network

1.33k views • 118 slides
Authenticated Encryption Kenny Paterson Information Security Group @kennyog ;

Authenticated Encryption Kenny Paterson Information Security Group @kennyog ;

Authenticated Encryption Kenny Paterson Information Security Group @kennyog ; www.isg.rhul.ac.uk/~kp Motivation for Authenticated Encryption Authenticated Encryption (AE) m 1 m 2 Security goals: Confidentiality and integrity of messages

649 views • 60 slides
Permutation-based encryption, authentication and authenticated encryption Joan Daemen 1 Joint

Permutation-based encryption, authentication and authenticated encryption Joan Daemen 1 Joint

. . . . . . Permutation-based encryption, authentication and authenticated encryption Permutation-based encryption, authentication and authenticated encryption Joan Daemen 1 Joint work with DIAC 2012, Stockholm, July 6 Guido Bertoni 1 ,

739 views • 49 slides
PAEQ: Parallelizable Permutation-based Authenticated Encryption Alex Biryukov and Dmitry

PAEQ: Parallelizable Permutation-based Authenticated Encryption Alex Biryukov and Dmitry

PAEQ: Parallelizable Permutation-based Authenticated Encryption Alex Biryukov and Dmitry Khovratovich University of Luxembourg 12 October 2014 Authenticated encryption Simple encryption If you just want to protect confidentiality of your

991 views • 32 slides
The LOCAL attack: Cryptanalysis of the authenticated encryption scheme ALE Dmitry Khovratovich

The LOCAL attack: Cryptanalysis of the authenticated encryption scheme ALE Dmitry Khovratovich

The LOCAL attack: Cryptanalysis of the authenticated encryption scheme ALE Dmitry Khovratovich and Christian Rechberger University of Luxembourg and DTU (Denmark) Presented by Yu Sasaki (NTT, Japan) 15 August 2013 Authenticated encryption

556 views • 22 slides
Introduction to Authenticated Encryption Tom Shrimpton Summer School on Real-World Crypto and

Introduction to Authenticated Encryption Tom Shrimpton Summer School on Real-World Crypto and

(A brief, incomplete) Introduction to Authenticated Encryption Tom Shrimpton Summer School on Real-World Crypto and Privacy June 11, 2018 Authenticated Encryption M M Its complicated Probabilistic or deterministic AE? Nonce based AE?

868 views • 47 slides
Permutation-based encryption, authentication and authenticated encryption Guido Bertoni 1 , Joan

Permutation-based encryption, authentication and authenticated encryption Guido Bertoni 1 , Joan

Permutation-based encryption, authentication and authenticated encryption Guido Bertoni 1 , Joan Daemen 1 , Michal Peeters 2 , and Gilles Van Assche 1 1 STMicroelectronics 2 NXP Semiconductors Abstract. While mainstream symmetric cryptography has

519 views • 12 slides
Security Aspects of Authenticated Encryption (in light of the CAESAR competition) Elena Andreeva

Security Aspects of Authenticated Encryption (in light of the CAESAR competition) Elena Andreeva

Security Aspects of Authenticated Encryption (in light of the CAESAR competition) Elena Andreeva COSIC, KU Leuven, Belgium Cryptoday 2014 Technion, Haifa, Israel 30/12/2014 Outline Authenticated Encryption: AE Generic AE composition

732 views • 55 slides
Different Features of ELmD, EME Based Authenticated Encryption Schemes Nilanjan Datta and Mridul

Different Features of ELmD, EME Based Authenticated Encryption Schemes Nilanjan Datta and Mridul

ELmD Authenticated Encryption Scheme EME based Authenticated Encryption Schemes Comparative Study of ELmD with other EME based AEs Different Features of ELmD, EME Based Authenticated Encryption Schemes Nilanjan Datta and Mridul Nandi Indian

364 views • 20 slides
The Evolution of Authenticated Encryption Phillip Rogaway University of California, Davis, USA

The Evolution of Authenticated Encryption Phillip Rogaway University of California, Davis, USA

The Evolution of Authenticated Encryption Phillip Rogaway University of California, Davis, USA Includes joint work with Mihir Bellare, John Black, Ted Krovetz, and Tom Shrimpton DIAC Directions in Authenticated Ciphers 05 July 2012

748 views • 52 slides
AEGIS A Fast Authenticated Encryption Algorithm Hongjun Wu, Bart Preneel Nanyang Technological

AEGIS A Fast Authenticated Encryption Algorithm Hongjun Wu, Bart Preneel Nanyang Technological

AEGIS A Fast Authenticated Encryption Algorithm Hongjun Wu, Bart Preneel Nanyang Technological University, Katholieke Universiteit Leuven Presented at DIAC 1 Classification of Authenticated Encryption AEGIS Design rationale

635 views • 19 slides
Unforgeable quantum encryption Christian Majenz Joint work with Gorjan Alagic and Tommaso

Unforgeable quantum encryption Christian Majenz Joint work with Gorjan Alagic and Tommaso

Unforgeable quantum encryption Christian Majenz Joint work with Gorjan Alagic and Tommaso Gagliardoni Authenticated Encryption! ( Using AES with 128 bit block size in Galois Counter Mode and SHA2 ) Taxonomy of security Authenticated encryption

440 views • 26 slides
CHAE: Challenges in Authenticated Encryption White paper available: https://chae.cr.yp.to CHAE:

CHAE: Challenges in Authenticated Encryption White paper available: https://chae.cr.yp.to CHAE:

CHAE: Challenges in Authenticated Encryption White paper available: https://chae.cr.yp.to CHAE: Challenges in Authenticated Encryption https://chae.cr.yp.to Contributors to the white paper Jean-Philippe Aumasson David McGrew Steve Babbage

411 views • 4 slides
Unforgeable quantum encryption Christian Majenz Joint work with Gorjan Alagic and Tommaso

Unforgeable quantum encryption Christian Majenz Joint work with Gorjan Alagic and Tommaso

Unforgeable quantum encryption Christian Majenz Joint work with Gorjan Alagic and Tommaso Gagliardoni Authenticated Encryption! ( Using AES with 128 bit block size in Galois Counter Mode and SHA2 ) Authenticated Encryption! ( Using AES with 128

893 views • 67 slides
Authenticated Encryption with Variable Stretch Reza Reyhanitabar 1 Serge Vaudenay 2 Damian Vizr

Authenticated Encryption with Variable Stretch Reza Reyhanitabar 1 Serge Vaudenay 2 Damian Vizr

Authenticated Encryption with Variable Stretch Reza Reyhanitabar 1 Serge Vaudenay 2 Damian Vizr 2 1 NEC Laboratories Europe, Germany 2 EPFL, Switzerland DIAC 2016: Directions in Authenticated Ciphers 2016 This work was partially supported by

696 views • 43 slides
Counter-in-Tweak: Authenticated Encryption Modes for Tweakable Block Ciphers Thomas Peyrin 1

Counter-in-Tweak: Authenticated Encryption Modes for Tweakable Block Ciphers Thomas Peyrin 1

TBCs and AE NSIV Generic Composition EPWC MAC CTRT Encryption Conclusion Counter-in-Tweak: Authenticated Encryption Modes for Tweakable Block Ciphers Thomas Peyrin 1 Yannick Seurin 2 1 NTU, Singapore 2 ANSSI, France August 15, 2016

1.29k views • 102 slides
QCD scattering amplitudes beyond Feynman diagrams MHV, CSW, BCFW and all that Christian Schwinn

QCD scattering amplitudes beyond Feynman diagrams MHV, CSW, BCFW and all that Christian Schwinn

QCD scattering amplitudes beyond Feynman diagrams MHV, CSW, BCFW and all that Christian Schwinn RWTH Aachen 11.12.2007 C. Schwinn QCD beyond Feynman diagrams PSI Theory seminar Introduction 1 Multi-particle final states important

1.07k views • 56 slides
Tracking Catalog: Uncovering and analyzing user tracking on the Internet Tomasz Bujlow Valentn

Tracking Catalog: Uncovering and analyzing user tracking on the Internet Tomasz Bujlow Valentn

Introduction Tracking catalog Tracking mechanisms Open questions Tracking Catalog: Uncovering and analyzing user tracking on the Internet Tomasz Bujlow Valentn Carela-Espaol Pere Barlet-Ros Computer Architecture Dept. (DAC) UPC

581 views • 10 slides
ss 2 Cl Class CSC 495/583 Topics of Software Security IA-32 Register & Byte Ordering &

ss 2 Cl Class CSC 495/583 Topics of Software Security IA-32 Register & Byte Ordering &

ss 2 Cl Class CSC 495/583 Topics of Software Security IA-32 Register & Byte Ordering & x86 ASM Dr. Si Chen (schen@wcupa.edu) Badger CTF Your Computer IP: roadrunner.cs.wcupa.edu Username: ss2020 Roadrunner Password:

565 views • 27 slides
The Moore Method in the U.K.: IBL at Birmingham Chris Good, Chris Sangwin, Matthew Badger School

The Moore Method in the U.K.: IBL at Birmingham Chris Good, Chris Sangwin, Matthew Badger School

The Moore Method in the U.K.: IBL at Birmingham Chris Good, Chris Sangwin, Matthew Badger School of Mathematics University of Birmingham June 2011 Chris Good, Chris Sangwin, Matthew Badger (University of Birmingham) The Moore Method in the

1.22k views • 82 slides
Classifying Organisms Learning Objective: To explore ways of distinguishing between organisms

Classifying Organisms Learning Objective: To explore ways of distinguishing between organisms

Classifying Organisms Learning Objective: To explore ways of distinguishing between organisms that have similar characteristics. www.planbee.com How many different groups can you remember that are used to classify animals? www.planbee.com

461 views • 6 slides
Southport Connector Expressway Project Background FDOT Alternative Corridor Evaluation (ACE)

Southport Connector Expressway Project Background FDOT Alternative Corridor Evaluation (ACE)

Concept, Feasibility & Mobility Studies Southport Connector Expressway Project Background FDOT Alternative Corridor Evaluation (ACE) Study Advanced Notification Package distributed September 2012 ETDM Programming Screen was

465 views • 11 slides
. Judith Moran, Director of the Quantitative Center, Trinity College CT Scott Smedley Trinity

. Judith Moran, Director of the Quantitative Center, Trinity College CT Scott Smedley Trinity

. Using QL Modules in a winter ecology course . Judith Moran, Director of the Quantitative Center, Trinity College CT Scott Smedley Trinity Biology Department . Early in the course we will consider how nearby microhabitats within a field site

456 views • 20 slides
Airport Master Plan Update Technical Advisory Committee Meeting # 5 October 13, 2020 1 AGENDA

Airport Master Plan Update Technical Advisory Committee Meeting # 5 October 13, 2020 1 AGENDA

Burlington International Airport Airport Master Plan Update Technical Advisory Committee Meeting # 5 October 13, 2020 1 AGENDA Introductions Status of the Master Plan Update Facility Review RSAT Meeting Review Airport Layout

978 views • 46 slides

More recommend