The Deoxys AEAD Family
Journal of Cryptology (IF 2.3), Pub Date: 2021-06-10, DOI: 10.1007/s00145-021-09397-w
Jérémy Jean, Ivica Nikolić, Thomas Peyrin, Yannick Seurin

We present the Deoxys family of authenticated encryption schemes, which consists of Deoxys-I and Deoxys-II. Both are nonce-based authenticated encryption schemes with associated data and have either 128- or 256-bit keys. Deoxys-I is similar to OCB: It is single-pass but insecure when nonces are repeated; in contrast, Deoxys-II is nonce-misuse resistant. Deoxys-II was selected as first choice in the final portfolio of the CAESAR competition for the defense-in-depth category. Deoxys uses a new family of tweakable block ciphers as internal primitive, Deoxys-TBC, which follows the TWEAKEY framework (Jean, Nikolić, and Peyrin, ASIACRYPT 2014) and relies on the AES round function. Our benchmarks indicate that Deoxys does not sacrifice efficiency for security and performs very well both in software (e.g., Deoxys-I efficiency is similar to AES-GCM) and hardware.




Updated: 2021-06-11