Authenticated Encryption

Encyclopedia of Cryptography and Security

Related Concepts

Block Ciphers; MAC Algorithms; Stream Cipher; Symmetric Cryptosystem

Introduction

Often when two parties communicate over a network, they have two main security goals: privacy and authentication. In fact, there is compelling evidence that one should never use encryption without also providing authentication [8, 14]. Many solutions for the privacy and authentication problems have existed for decades, and the traditional approach to solving both simultaneously has been to combine them in a straightforward manner using so-called generic composition. However, recently there have been a number of new constructions which achieve both privacy and authenticity simultaneously, often much faster than any solution which uses generic composition. In this entry, we will explore the various approaches to achieving both privacy and authenticity, the so-called Authenticated Encryption problem. We will often abbreviate this as simply “AE.” We will start with generic composition methods...

Recommended Reading

  1. Bellare M, Canetti R, Krawczyk H (1996) Keying hash functions for message authentication. In: Koblitz N (ed) Advances in cryptology—CRYPTO’96. Lecture notes in computer science, vol 1109. Springer, Berlin, pp 1–15

  2. Bellare M, Desai A, Pointcheval D, Rogaway P (1998) Relations among notions of security for public-key encryption schemes. In: Krawczyk H (ed) Advances in cryptology—CRYPTO’98. Lecture notes in computer science, vol 1462. Springer, Berlin, pp 232–249

  3. Bellare M, Kilian J, Rogaway P (2000) The security of the cipher block chaining message authentication code. J Comput Syst Sci (JCSS) 61(3):362–399. Earlier version in CRYPTO’94. See www.cs.ucdavis.edu/~rogaway

  4. Bellare M, Kohno T, Namprempre C (2002) Authenticated encryption in SSH: provably fixing the SSH binary packet protocol. In: ACM conference on computer and communications security (CCS-9). ACM Press, New York, pp 1–11

  5. Bellare M, Namprempre C (2000) Authenticated encryption: relations among notions and analysis of the generic composition paradigm. In: Okamoto T (ed) Advances in cryptology—ASIACRYPT 2000. Lecture notes in computer science, vol 1976. Springer, Berlin

  6. Bellare M, Rogaway P (2000) Encode-then-encipher encryption: how to exploit nonces or redundancy in plaintexts for efficient encryption. In: Okamoto T (ed) Advances in cryptology—ASIACRYPT 2000. Lecture notes in computer science, vol 1976. Springer, Berlin, pp 317–330. See www.cs.ucdavis.edu/~rogaway

  7. Bellare M, Rogaway P, Wagner D (2003) EAX: a conventional authenticated-encryption mode. Cryptology ePrint archive, reference number 2003/069, submitted April 13, 2003, revised September 9, 2003. See eprint.iacr.org

  8. Bellovin S (1996) Problem areas for the IP security protocols. In: Proceedings of the sixth USENIX security symposium. pp 1–16, July 1996

  9. Berendschot A, den Boer B, Boly J, Bosselaers A, Brandt J, Chaum D, Damgård I, Dichtl M, Fumy W, van der Ham M, Jansen C, Landrock P, Preneel B, Roelofsen G, de Rooij P, Vandewalle J (1995) Final report of race integrity primitives. In: Bosselaers A, Preneel B (eds) Lecture notes in computer science, vol 1007. Springer, Berlin

  10. Bernstein D (2000) Floating-point arithmetic and message authentication. Available from http://cr.yp.to/hash127.html

  11. Black J, Halevi S, Krawczyk H, Krovetz T, Rogaway P (1999) UMAC: fast and secure message authentication. In: Wiener J (ed) Advances in cryptology—CRYPTO’99. Lecture notes in computer science, vol 1666. Springer, Berlin

  12. Black J, Rogaway P (2000) CBC MACs for arbitrary-length messages: the three-key constructions. In: Bellare M (ed) Advances in cryptology—CRYPTO 2000. Lecture notes in computer science, vol 1880. Springer, Berlin

  13. Black J, Rogaway P (2002) A block-cipher mode of operation for parallelizable message authentication. In: Knudsen L (ed) Advances in cryptology—EUROCRYPT 2002. Lecture notes in computer science, vol 2332. Springer, Berlin, pp 384–397

  14. Black J, Urtubia H (2002) Side-channel attacks on symmetric encryption schemes: the case for authenticated encryption. In: Boneh D (ed) Proceedings of the eleventh USENIX security symposium, pp 327–338, August 2002

  15. Borisov N, Goldberg I, Wagner D (2001) Intercepting mobile communications: the insecurity of 802.11. In: MOBICOM. ACM Press, New York, pp 180–189

  16. Carter L, Wegman M (1979) Universal hash functions. J Comput Syst Sci 18:143–154

  17. Ferguson N, Whiting D, Schneier B, Kelsey J, Lucks S, Kohno T (2003) Helix: fast encryption and authentication in a single cryptographic primitive. In: Johansson T (ed) Fast software encryption, 10th international workshop, FSE 2003. Lecture notes in computer science, vol 2887. Springer, Berlin

  18. Gligor V, Donescu P (2002) Fast encryption and authentication: XCBC encryption and XECB authentication modes. In: Matsui M (ed) Fast software encryption, 8th international workshop, FSE 2001. Lecture notes in computer science, vol 2355. Springer, Berlin, pp 92–108. See www.ece.umd.edu/~gligor/

  19. Goldwasser S, Micali S, Rivest R (1998) A digital signature scheme secure against adaptive chosen-message attacks. SIAM J Comput 17(2):281–308

  20. Halevi S (2001) An observation regarding Jutla’s modes of operation. Cryptology ePrint archive, reference number 2001/015, submitted February 22, 2001, revised April 2, 2001. See eprint.iacr.org

  21. Hawkes P, Rose G (2003) Primitive specification for SOBER-128. Available from http://www.qualcomm.com.au/Sober128.html

  22. Iwata T, Kurosawa K (2003) OMAC: one-key CBC MAC. In: Johansson T (ed) Fast software encryption. Lecture notes in computer science, vol 2887. Springer, Berlin

  23. Jonsson J (2002) On the security of CTR + CBC-MAC. In: Nyberg K, Heys HM (eds) Selected areas in cryptography—SAC 2002. Lecture notes in computer science, vol 2595. Springer, Berlin, pp 76–93

  24. Jutla C (2001) Encryption modes with almost free message integrity. In: Pfitzmann B (ed) Advances in cryptology—EUROCRYPT 2001. Lecture notes in computer science, vol 2045. Springer, Berlin, pp 529–544

  25. Katz J, Yung M (2000) Complete characterization of security notions for probabilistic private-key encryption. In: Proceedings of the 32nd annual symposium on the theory of computing (STOC). ACM Press, New York

  26. Kohno T, Palacio A, Black J (2003) Building secure cryptographic transforms, or how to encrypt and MAC. Cryptology ePrint archive, reference number 2003/177, submitted August 28, 2003. See eprint.iacr.org

  27. Kohno T, Viega J, Whiting D (2003) High-speed encryption and authentication: a patent-free solution for 10 Gbps network devices. Cryptology ePrint archive, reference number 2003/106, submitted May 27, 2003, revised September 1, 2003. See eprint.iacr.org

  28. Krawczyk H, Bellare M, Canetti R (1997) HMAC: keyed hashing for message authentication. IETF RFC-2104

  29. Krawczyk H (2001) The order of encryption and authentication for protecting communications (or: How secure is SSL?). In: Kilian J (ed) Advances in cryptology—CRYPTO 2001. Lecture notes in computer science, vol 2139. Springer, Berlin, pp 310–331

  30. Liskov M, Rivest R, Wagner D (2002) Tweakable block ciphers. In: Yung M (ed) Advances in cryptology—CRYPTO 2002. Lecture notes in computer science, vol 2442. Springer, Berlin, pp 31–46

  31. Petrank E, Rackoff C (2000) CBC MAC for real-time data sources. J Cryptol 13(3):315–338

  32. Rogaway P (2002) Authenticated-encryption with associated-data. In: ACM conference on computer and communications security (CCS-9). ACM Press, New York, pp 196–205

  33. Rogaway P, Bellare M, Black J (2003) OCB: a block-cipher mode of operation for efficient authenticated encryption. ACM T Inform Syst Secur (TISSEC) 6(3):365–403

  34. Wegman M, Carter L (1981) New hash functions and their use in authentication and set equality. J Comp Syst Sci 22:265–279

  35. Whiting D, Housley R, Ferguson N (2002) Counter with CBC-MAC (CCM). Available from csrc.nist.gov/encryption/modes/proposedmodes/

Copyright information

© 2011 Springer Science+Business Media, LLC

Cite this entry

Black, J. (2011). Authenticated Encryption. In: van Tilborg, H.C.A., Jajodia, S. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5906-5_548
