[Resource Topic] 2019/457: Forgery Attack on mixFeed in the Nonce-Misuse Scenario

Welcome to the resource topic for 2019/457

Forgery Attack on mixFeed in the Nonce-Misuse Scenario

Authors: Mustafa Khairallah


mixFeed [CN19] is a round 1 candidate for the NIST Lightweight Cryptography Standardization Project. It is a single-pass, nonce-based, AES-based authenticated encryption algorithms. The authors claim that while there are no guarantees for security in terms of confidentiality in case of nonce-misuse (repetition), the integrity security still holds up to 2^32 data complexity. In this report, this claim is not true in case the plaintext length is non-zero (≥ 16 bytes to be exact). We show a forgery attack that requires only two encryption queries with the same nonce and 34 bytes of data.

ePrint: https://eprint.iacr.org/2019/457

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .