Forgery Attacks on FlexAE and FlexAEAD

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

Abstract

FlexAEAD is one of the round-1 candidates in the ongoing NIST Lightweight Cryptography standardization project. In this note, we show several forgery attacks on FlexAEAD with complexity less than the security bound given by the designers, such as a block reordering attack on full FlexAEAD-128 with estimated success probability about 2^54. Additionally, we show some trivial forgeries and point out domain separation issues.
Original languageEnglish
Title of host publicationIMA Cryptography and Coding - IMACC 2019
Number of pages12
Publication statusAccepted/In press - 5 Sep 2019
EventIMACC 2019: 17th IMA International Conference on Cryptography and Coding - Oxford, United Kingdom
Duration: 16 Dec 201918 Dec 2019

Conference

ConferenceIMACC 2019
CountryUnited Kingdom
CityOxford
Period16/12/1918/12/19

Fingerprint

Standardization
Cryptography

Keywords

  • authenticated encryption
  • forgery attack
  • NIST LWC

Cite this

Eichlseder, M., Kales, D., & Schofnegger, M. (Accepted/In press). Forgery Attacks on FlexAE and FlexAEAD. In IMA Cryptography and Coding - IMACC 2019

Forgery Attacks on FlexAE and FlexAEAD. / Eichlseder, Maria; Kales, Daniel; Schofnegger, Markus.

IMA Cryptography and Coding - IMACC 2019. 2019.

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

Eichlseder, M, Kales, D & Schofnegger, M 2019, Forgery Attacks on FlexAE and FlexAEAD. in IMA Cryptography and Coding - IMACC 2019. IMACC 2019, Oxford, United Kingdom, 16/12/19.
Eichlseder M, Kales D, Schofnegger M. Forgery Attacks on FlexAE and FlexAEAD. In IMA Cryptography and Coding - IMACC 2019. 2019
@inproceedings{a9745b49147d412492f1edf408571495,
title = "Forgery Attacks on FlexAE and FlexAEAD",
abstract = "FlexAEAD is one of the round-1 candidates in the ongoing NIST Lightweight Cryptography standardization project. In this note, we show several forgery attacks on FlexAEAD with complexity less than the security bound given by the designers, such as a block reordering attack on full FlexAEAD-128 with estimated success probability about 2^54. Additionally, we show some trivial forgeries and point out domain separation issues.",
keywords = "authenticated encryption, forgery attack, NIST LWC",
author = "Maria Eichlseder and Daniel Kales and Markus Schofnegger",
year = "2019",
month = "9",
day = "5",
language = "English",
booktitle = "IMA Cryptography and Coding - IMACC 2019",

}

TY - GEN

T1 - Forgery Attacks on FlexAE and FlexAEAD

AU - Eichlseder, Maria

AU - Kales, Daniel

AU - Schofnegger, Markus

PY - 2019/9/5

Y1 - 2019/9/5

N2 - FlexAEAD is one of the round-1 candidates in the ongoing NIST Lightweight Cryptography standardization project. In this note, we show several forgery attacks on FlexAEAD with complexity less than the security bound given by the designers, such as a block reordering attack on full FlexAEAD-128 with estimated success probability about 2^54. Additionally, we show some trivial forgeries and point out domain separation issues.

AB - FlexAEAD is one of the round-1 candidates in the ongoing NIST Lightweight Cryptography standardization project. In this note, we show several forgery attacks on FlexAEAD with complexity less than the security bound given by the designers, such as a block reordering attack on full FlexAEAD-128 with estimated success probability about 2^54. Additionally, we show some trivial forgeries and point out domain separation issues.

KW - authenticated encryption

KW - forgery attack

KW - NIST LWC

M3 - Conference contribution

BT - IMA Cryptography and Coding - IMACC 2019

ER -