Learn More
CAESAR has caused a heated discussion regarding the merits of one-pass encryption and online ciphers. The latter is a keyed, length preserving function which outputs ciphertext blocks as soon as the respective plaintext block is received. The immediacy of an online cipher gives a clear performance advantage, yet it comes at a price. Since ciphertext blocks(More)
An Authenticated Encryption scheme (AE) is deemed secure if ciphertexts both look like random bitstrings and are unforgeable. One shortcoming of AE as commonly understood is its idealized, all-or-nothing decryption: if decryption fails, it will always provide the same single error message and nothing more. Reality often turns out differently:(More)
  • 1