A fail-fast mechanism for authenticated encryption schemes

Abstract

In the modern world, almost every computing device uses some cryptographic technique or the other. Over the years several schemes have been proposed implemented and standardized. For any kind of data transfer the primary goals are encryption and authentication. Historically, these two goals are achieved separately, via two different techniques. Any symmetric cipher scheme can be used for encryption, whereas, for authentication, usage of a keyed MAC is prevalent. There is another approach known as Authenticated Encryption (AE), which fulfills both the goals at the same time. From an implementation perspective, it is important that, if the packet is malformed, it is rejected as soon as possible. Common techniques like AES-CBC, allow for such a fail-fast paradigm using padding oracle. But, the same technique cannot be applied for other common AE techniques like AES-GCM. In this work, we provide a technique using which any AE scheme can be used directly (without any change), whilst providing the good fail-fast features at the same time.