Authenticated Encryption
Authenticated Encryption (AE) or Authenticated Encryption with Associated Data (AEAD) is a category of block cipher modes of operation that ensure authenticity and integrity in addition to confidentiality. Authenticated Encryption combines the mechanisms normally used in an encryption protocol, encryption and a message authentication code, in an integrated scheme.
Authenticated Encryption simplifies the implementation of confidentiality and message authenticity for the application developer, since both are offered together via a common programming interface. The developer does not have to assemble the individual mechanisms, a task that is prone to security-relevant errors.
AEAD, in addition to protecting a confidential message, also ensures the authenticity and integrity of other data (associated data) that are not encrypted. The purpose is, for example, to transmit a message header that must be available in clear text for processing.
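The associated-data behaviour described above, as an added example in Go (not part of the original article): AES-GCM from the standard library encrypts a payload while authenticating a header that stays in clear text. The key, the header strings and the packet layout (nonce, then ciphertext, then tag) are constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// newAEAD builds AES-GCM, one of the AEAD modes listed on this page.
func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts plaintext and authenticates it together with the cleartext header.
func Seal(key, header, plaintext []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize()) // fresh random nonce per message
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, header), nil // nonce || ciphertext || tag
}

// Open releases plaintext only if header, ciphertext and tag all verify.
func Open(key, header, packet []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	n := aead.NonceSize()
	if len(packet) < n+aead.Overhead() {
		return nil, fmt.Errorf("packet too short")
	}
	return aead.Open(nil, packet[:n], packet[n:], header)
}

func main() {
	key, hdr := make([]byte, 32), []byte("to=10.0.0.7;seq=1") // constructed demo values
	pkt, _ := Seal(key, hdr, []byte("secret payload"))
	_, err := Open(key, []byte("to=10.0.0.9;seq=1"), pkt) // header altered in transit
	fmt.Println("tampered header rejected:", err != nil)
}
```

The header travels unencrypted next to the packet, so the receiver can read it before decryption, but a change to it makes `Open` fail just as a change to the ciphertext does.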
Use
AEAD schemes are used in the encryption protocols SSH and TLS, among others. Only AEAD-based cipher suites are permitted for TLS version 1.3.
Schemes
- CCM mode
- Galois/Counter Mode (GCM)
- Offset Codebook Mode (OCB)
- EAX mode
- Integrity Aware Parallelizable Mode (IAPM)