PPT-Authenticated Encryption with Replay
Author : tatyana-admore | Published Date : 2015-12-08
prOtection AERO mcgrewciscocom AERO Authenticated Encryption algorithm Stateful and selfsynchronizing Easy to use Robust against nonce misuse and decryption misuse
Presentation Embed Code
Download Presentation
Download Presentation The PPT/PDF document "Authenticated Encryption with Replay" is the property of its rightful owner. Permission is granted to download and print the materials on this website for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Authenticated Encryption with Replay: Transcript
prOtection AERO mcgrewciscocom AERO Authenticated Encryption algorithm Stateful and selfsynchronizing Easy to use Robust against nonce misuse and decryption misuse Saves bandwidth No nonce no sequence number. Chosen . ciphertext. attacks. Online Cryptography Course Dan Boneh. Example chosen . ciphertext. attacks. A. dversary has . ciphertext. c that it wants to decrypt. Attacking non-atomic decryption. Online Cryptography Course Dan Boneh. SSH Binary Packet Protocol. Decryption:. s. tep 1: decrypt packet length field only (!). s. CBC paddings attacks. Online Cryptography Course Dan Boneh. Recap. Authenticated encryption. : CPA security + . ciphertext. integrity. C. onfidentiality in presence of . AEGIS . A Fast Authenticated Encryption Algorithm. . Hongjun Wu Bart Preneel . Nanyang Technological University. KU Leuven and iMinds. SAC 2013 . 2. Outline. Authenticated Encryption (AE). design rationale. in a Managed Language Virtual Machine. Michael . Bond. Milind. Kulkarni. Man . Cao. Meisam. . Fathi. . Salmi. Jipeng. Huang. Purdue. Microsoft. Ohio State. 1. Nondeterminism is problematic. Reproduce and Debug. (for now). Online Cryptography Course Dan Boneh. Quick Review: primitives. PRG. PRF, PRP. MAC. GGM. CTR. CMAC, HMAC. PMAC. Collision. resistance. k. ey exchange. via . Data Flow Cut. Microsoft Research Asia. Ming Wu. , Haoxiang Lin, Xuezheng Liu, Zhenyu Guo, Huayang Guo, Lidong Zhou, Zheng Zhang. MIT. Fan Long, Xi Wang, . Zhilei. . Xu. Outline. Motivation. Observation. Constructions from ciphers and MACs. Online Cryptography Course Dan Boneh. … but first, some history. Authenticated Encryption (AE): introduced in . 2000 . in a Managed Language Virtual Machine. Michael . Bond. Milind. Kulkarni. Man . Cao. Meisam. . Fathi. . Salmi. Jipeng. Huang. Purdue. Microsoft. Ohio State. 1. Nondeterminism is problematic. Reproduce and Debug. Definitions. Online Cryptography Course Dan Boneh. Goals. An . authenticated encryption . system (E,D) is a cipher where . As usual: E: K × M . × . N . ⟶ C. Authenticated Encryption and Cryptographic Network Protocols David Brumley dbrumley@cmu.edu Carnegie Mellon University Some Straw Men 2 TCP/IP (highly abstracted) packet Destination Machine TCP/IP Stack Authenticated Encryption and Cryptographic Network Protocols David Brumley dbrumley@cmu.edu Carnegie Mellon University Some Straw Men 2 TCP/IP (highly abstracted) packet Destination Machine TCP/IP Stack Cryptography Lecture 9 Arpita Patra © Arpita Patra Recall Attack on cpa -secure scheme from PRF >> cpa -security to cca -security Definitions- cma , scma , cmva , scmva >> MAC Data Flow Cut. Microsoft Research Asia. Ming Wu. , Haoxiang Lin, Xuezheng Liu, Zhenyu Guo, Huayang Guo, Lidong Zhou, Zheng Zhang. MIT. Fan Long, Xi Wang, . Zhilei. . Xu. Outline. Motivation. Observation.
Download Document
Here is the link to download the presentation.
"Authenticated Encryption with Replay"The content belongs to its owner. You may download and print it for personal use, without modification, and keep all copyright notices. By downloading, you agree to these terms.
Related Documents
