The Software Performance of Authenticated-Encryption Modes
نویسندگان
چکیده
We study the software performance of authenticated-encryption modes CCM, GCM, and OCB. Across a variety of platforms, we find OCB to be substantially faster than either alternative. For example, on an Intel i5 (“Clarkdale”) processor, good implementations of CCM, GCM, and OCB encrypt at around 4.2 cpb, 3.7 cpb, and 1.5 cpb, while CTR mode requires about 1.3 cpb. Still we find room for algorithmic improvements to OCB, showing how to trim one blockcipher call (most of the time, assuming a counter-based nonce) and reduce latency. Our findings contrast with those of McGrew and Viega (2004), who claimed similar performance for GCM and OCB.
منابع مشابه
Artemia: a family of provably secure authenticated encryption schemes
Authenticated encryption schemes establish both privacy and authenticity. This paper specifies a family of the dedicated authenticated encryption schemes, Artemia. It is an online nonce-based authenticated encryption scheme which supports the associated data. Artemia uses the permutation based mode, JHAE, that is provably secure in the ideal permutation model. The scheme does not require the in...
متن کاملAuthenticated Encryption Modes of Block Ciphers, Their Security and Implementation Properties
In this thesis, four authenticated encryption modes of operation are presented, namely, GCM mode, CCM* mode, OCB mode and CWC mode. These modes can provide confidentiality and authenticity simultaneously. The GCM mode and CCM* mode are in detail introduced. And it shows the comparison of the four modes from different aspects: properties, security, and performance in hardware implementation and ...
متن کاملAES-Based Authenticated Encryption Modes in Parallel High-Performance Software
Authenticated encryption (AE) has recently gained renewed interest due to the ongoing CAESAR competition. This paper deals with the performance of block cipher modes of operation for AE in parallel software. We consider the example of the AES on Intel’s new Haswell microarchitecture that has improved instructions for AES and finite field multiplication. As opposed to most previous high-performa...
متن کاملThe Hardware Performance of Authenticated Encryption Modes
Authenticated encryption has long been a vital operation in cryptography by its ability to provide confidentiality, integrity and authenticity at the same time. Its use has progressed in parallel with the worldwide use of Internet Protocol (IP), which has led to development of several new schemes as well as improved versions of existing ones. There have already been studies investigating softwa...
متن کاملRSPAE: RFID Search Protocol based on Authenticated Encryption
Search protocols are among the main applications of RFID systems. Since a search protocol should be able to locate a certain tag among many tags, not only it should be secure against RFID threats but also it should be affordable. In this article, an RFID-based search protocol will be presented. We use an encryption technique that is referred to as authenticated encryption in order to boost the ...
متن کامل