Avalanche Effect in Improperly Initialized CAESAR Candidates

Investor logo

Warning

This publication doesn't include Faculty of Education. It includes Faculty of Informatics. Official publication website can be found on muni.cz.
Authors

UKROP Martin ŠVENDA Petr

Year of publication 2016
Type Article in Proceedings
Conference Proceedings 11th Doctoral Workshop on Mathematical and Engineering Methods in Computer Science, Telč, Czech Republic, 21st-23rd October 2016
MU Faculty or unit

Faculty of Informatics

Citation
Web http://eptcs.web.cse.unsw.edu.au/paper.cgi?MEMICS2016.7
Doi http://dx.doi.org/10.4204/EPTCS.233.7
Field Informatics
Keywords authenticated encryption; avalanche effect; CAESAR
Description Cryptoprimitives rely on thorough theoretical background, but often lack basic usability features making them prone to unintentional misuse by developers. We argue that this is true even for the state-of-the-art designs. Analyzing 52 candidates of the current CAESAR competition has shown none of them have an avalanche effect in authentication tag strong enough to work properly when partially misconfigured. Although not directly decreasing their security profile, this hints at their security usability being less than perfect. Paper details available at crcs.cz/papers/memics2016
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.