PPT-Building the Next Generation of Authenticated Encryption

of Authenticated Encryption Mihir Bellare Shay Gueron Viet Tung Hoang Julia Len Sanketh Menda and Thomas Ristenpart Authenticated Encryption with Associated Data 2 Scheme AEAD Key K Scheme . Attacking non-atomic decryption. Online Cryptography Course Dan Boneh. SSH Binary Packet Protocol. Decryption:. s. tep 1: decrypt packet length field only (!). s. CBC paddings attacks. Online Cryptography Course Dan Boneh. Recap. Authenticated encryption. : CPA security + . ciphertext. integrity. C. onfidentiality in presence of . prOtection. (AERO). mcgrew@cisco.com. AERO. Authenticated Encryption algorithm. Stateful. and self-synchronizing. Easy to use. Robust against nonce misuse and decryption misuse. Saves bandwidth. No nonce, no sequence number. AEGIS . A Fast Authenticated Encryption Algorithm. . Hongjun Wu Bart Preneel . Nanyang Technological University. KU Leuven and iMinds. SAC 2013 . 2. Outline. Authenticated Encryption (AE). design rationale. CSE 5351: Introduction to Cryptography. Reading assignment:. Chapter 2. Chapter 3 (sections 3.1-3.4). You may skip proofs, but are encouraged to read some of them.. 2. Computational Difficulty (One-Way Functions). How To Secure My Data. . What . to Protect???. DATA. Data At Rest. Data at Rest Examples. Worst Culprits?. Lost. Infected Easily. Used as ‘Backup’. Lent to others. Data Corruptions more common. Team 2.0. Nayan Thakkar, Eddie Gallon, David Kotar, . Bruce Malone and Pamela Dorman. Requirements for Solution. Support for: . Mid size company "X" with ~250 employees. Windows network with Exchange 2010 w/350 mailboxes. Chris Edwards. IT Services. “All . confidential data . must . be encrypted where stored on a mobile . device” . Mobile Device Encryption Policy. What do we mean by “encrypted” ??. Password Protected. David Froot. Protecting data By encryption . How do we transmit information and data, especially over the internet, in a way that is secure and unreadable by anyone but the sender and recipient?. Encryption is simply the process of transforming information, such as plain text or numbers, using an algorithm. Only those with the algorithm can decipher the encrypted information, and even a relatively simple encryption technique can be difficult to decode without the key. . Cryptography. Is:. A tremendous tool. The basis for many security mechanisms. Is not:. The solution to all security problems. Reliable unless implemented and used properly. Something you should try to invent yourself. Diffie. -Hellman. The . ElGamal. . Public-key System. Online Cryptography Course Dan Boneh. Recap: public key encryption: . (Gen, E, D). E. D. pk. m. c. c. m. Last time I promise. Unitary notation . Writing numbers only using 1. 1 -> 1. 2- > 11 . 3 -> 111. (n times). is shorthand for writing n in unitary.  . Family of games. Generalization of section 7.8 in the book (page 278). Authenticated Encryption and Cryptographic Network Protocols David Brumley dbrumley@cmu.edu Carnegie Mellon University Some Straw Men 2 TCP/IP (highly abstracted) packet Destination Machine TCP/IP Stack Cryptography Lecture 9 Arpita Patra © Arpita Patra Recall Attack on cpa -secure scheme from PRF >> cpa -security to cca -security Definitions- cma , scma , cmva , scmva >> MAC