Abstract:
Privacy of the message and authenticity of the sender in a secure communication is a challenging
concern. Tradionally these two aims were achieved by using di erent cryptographic primitives:
by using encryption for privacy and using MAC's for authenticity. Authenticated Encryption
(AE) is a mechanism to provides both the privacy of data as well as authenticity of the sender
by a single cryptographic construction. Usually, AE schemes have been constructed as mode of
operation of a block cipher providing both con dentiality and authenticity.
Bellare and Namprempre [1] introduced the idea of AE and showed di erent compositions of
Encryption and MAC schemes to construct AE schemes, along with the security proof for each
construction. In their work, Bellare and Namprempre also highlighted the subtle issues which
can lead to insecurity in some combinations of encryption and MAC schemes.
Many modes of AE have been developed after the pioneering work of Bellare et al. in 2000. Jutla
developed the IAPM [7] mode in 2001. Around the same time, Rogaway et al. proposed the
OCB mode [15]. OCB is one of the most e cient AE modes. Other e cient modes are CCM [16]
and CWC [9]. All of these AE modes are based on block ciphers. The SpongeWrap [4] is the
only known AE scheme based on a permutation, while there is no known AE mode which is
based on a random function. Near lack of non-block cipher based designs for AE motivated us
to study new AE designs. In this work, we propose two new AE modes. The rst one, which we
name FWPAE is based on random function and the second one, which we call FPAE, is based
on permutation. Our proposed permutation based mode FPAE promises to have better security
compared to SpongeWrap.