[Resource Topic] 2014/218: A Practical Universal Forgery Attack against PAES-8

Welcome to the resource topic for 2014/218

Title:
A Practical Universal Forgery Attack against PAES-8

Authors: Yu Sasaki, Lei Wang

Abstract:

PAES is an authenticated encryption scheme designed by Ye et al., and submitted to the CAESAR competition. The designers claim that PAES-8, which is one of the designs of the PAES-family, provides 128-bit security in the nonce misuse model. In this note, we show our forgery attack against PAES-8. Our attack works in the nonce misuse model. The attack exploits the slow propagation of message differences. The attack is very close to the universal forgery attack. As long as the target message is not too short, e.g. more than 10 blocks (160 bytes), a tag is forged only with $2^{11}$ encryption oracle calls, $2^{11}$ computational cost, and negligible memory.

ePrint: https://eprint.iacr.org/2014/218

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.