![Loading...](https://link.springer.com/static/c4a417b97a76cc2980e3c25e2271af3129e08bbe/images/pdf-preview/spacer.gif)
-
Chapter and Conference Paper
Implicit Key-Stretching Security of Encryption Schemes
When keys are small or parts thereof leak, key-recovery attacks on symmetric-key primitives still pose a plausible threat. Key stretching is one well-known means to throttle potential adversaries, where stretc...
-
Chapter and Conference Paper
QCB is Blindly Unforgeable
QCB is a proposal for a post-quantum secure, rate-one authenticated encryption with associated data scheme (AEAD) based on classical OCB3 and
-
Chapter and Conference Paper
On the Post-quantum Security of Classical Authenticated Encryption Schemes
We study the post-quantum security of authenticated encryption (AE) schemes, designed with classical security in mind. Under superposition attacks, many CBC-MAC variants have been broken, and AE modes employin...
-
Chapter and Conference Paper
Pholkos – Efficient Large-State Tweakable Block Ciphers from the AES Round Function
This paper proposes Pholkos, a family of heavyweight tweakable block ciphers with state and key sizes of \({\ge }256\) ...
-
Chapter and Conference Paper
Cryptanalysis of ForkAES
Forkciphers are a new kind of primitive proposed recently by Andreeva et al. for efficient encryption and authentication of small messages. They fork the middle state of a cipher and encrypt it twice under two...
-
Article
POEx: A beyond-birthday-bound-secure on-line cipher
On-line ciphers are convenient building blocks for realizing efficient single- pass encryption. In particular, the trend to limit the consequences of nonce reuses rendered them popular in recent authenticated ...
-
Chapter and Conference Paper
Is RCB a Leakage Resilient Authenticated Encryption Scheme?
Leakage resilient cryptography wants to provide security against side channel attacks. In this paper, we present several issues of the ...
-
Chapter and Conference Paper
New Second Preimage Attacks on Dithered Hash Functions with Low Memory Complexity
Dithered hash functions were proposed by Rivest as a method to mitigate second preimage attacks on Merkle-Damgård hash functions. Despite that, second preimage attacks against dithered hash functions were prop...
-
Chapter and Conference Paper
Gimli : A Cross-Platform Permutation
This paper presents Gimli, a 384-bit permutation designed to achieve high security with high performance across a broad range of platforms, including 64-bit Intel/AMD server CPUs, 64-bit and 32-bit ARM smartphone...
-
Chapter and Conference Paper
Reforgeability of Authenticated Encryption Schemes
This work pursues the idea of multi-forgery attacks as introduced by Ferguson in 2002. We recoin reforgeability for the complexity of obtaining further forgeries once a first forgery has succeeded. First, we i...
-
Chapter and Conference Paper
Efficient Beyond-Birthday-Bound-Secure Deterministic Authenticated Encryption with Minimal Stretch
Block-cipher-based authenticated encryption has obtained considerable attention from the ongoing CAESAR competition. While the focus of CAESAR resides primarily on nonce-based authenticated encryption, Determi...
-
Chapter and Conference Paper
RIV for Robust Authenticated Encryption
Typical AE schemes are supposed to be secure when used as specified. However, they can – and often do – fail miserably when used improperly. As a partial remedy, Rogaway and Shrimpton proposed (nonce-)misuse-r...
-
Chapter and Conference Paper
Catena Variants
Catena is a password-scrambling framework characterized by its high flexibility. The user (defender) can simply adapt the underlying (cryptographic) primitives, the underlying memory-hard function, and the time (
-
Chapter and Conference Paper
Passphone: Outsourcing Phone-Based Web Authentication While Protecting User Privacy
This work introduces Passphone, a new smartphone-based authentication scheme that outsources user verification to a trusted third party without sacrificing privacy: neither can the trusted third party learn the r...
-
Chapter and Conference Paper
Hash Functions from Defective Ideal Ciphers
Cryptographic constructions are often designed and analyzed in idealized frameworks such as the random-oracle or ideal-cipher models. When the underlying primitives are instantiated in the real world, however,...
-
Chapter and Conference Paper
Pipelineable On-line Encryption
Correct authenticated decryption requires the receiver to buffer the decrypted message until the authenticity check has been performed. In high-speed networks, which must handle large message frames at low lat...
-
Chapter and Conference Paper
Overview of the Candidates for the Password Hashing Competition
In this work we provide an overview of the candidates of the Password Hashing Competition (PHC) regarding to their functionality, e.g., client-independent update and server relief, their security, e.g., memory...
-
Chapter and Conference Paper
Differential Cryptanalysis of Round-Reduced Simon and Speck
This paper presents differential attacks on Simon and Speck, two families of lightweight block ciphers that were presented by the U.S. National Security Agency in June 2013. We describe attacks on up to slightly ...
-
Chapter and Conference Paper
A Framework for Automated Independent-Biclique Cryptanalysis
In this paper we introduce Janus, a software framework – written in Java – which is built to provide assistance in finding independent-biclique attacks for a user-chosen set of parameters, e.g., the number of rou...
-
Chapter and Conference Paper
Memory-Demanding Password Scrambling
Most of the common password scramblers hinder password-guessing attacks by “key stretching”, e.g., by iterating a cryptographic hash function many times. With the increasing availability of cheap and massively...