TWC: Option: Medium: Collaborative: Authenticated Ciphers

TWC：选项：中：协作：经过身份验证的密码

• 批准号: 1314919
• 负责人: Daniel Bernstein
• 金额: $ 25.9万
• 依托单位: University of Illinois at Chicago
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2013
• 资助国家: 美国
• 起止时间: 2013-10-01 至 2018-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1314919&HistoricalAwards=false
• 关键词: TWC; Option; Medium; Collaborative; Authenticated

OpenSSH reveals excerpts from encrypted login sessions. TLS (HTTPS) reveals encrypted PayPal account cookies. DTLS is no better. EAXprime allows instantaneous forgeries. RFID security has been broken again and again. All of these failures of confidentiality and integrity are failures of authenticated ciphers: algorithms that promise to encrypt and authenticate messages using a shared secret key.It is easy to blame many of these security problems on a lack of education: much stronger authenticated ciphers have been in the literature for many years. However, in many cases these stronger authenticated ciphers fail to meet the performance requirements of the applications. Performance is exactly the motivation for RC4 in WEP; EAXprime in the "Smart Grid"; HB in RFID; and "IPsec" continuing to support unauthenticated encryption.This project is building a new generation of authenticated ciphers that improve efficiency without compromising security and that improve security without compromising efficiency. This work spans seven main topics: more efficient ciphers; more efficient MACs; more efficient forgery rejection; improved protection against side channels; improved protection against misuse and bad luck; improved quantitative security; and improved security proofs. The ultimate objective is to obtain the best possible security subject to a variety of performance constraints specified by cryptographic users.The high-security high-performance authenticated ciphers produced in this project will be directly and straightforwardly usable in cryptographic applications, avoiding the disasters in current applications and finally bringing secure secret-key cryptography from theory to practice.

OpenSSH揭示了加密登录会话的摘录。TLS（HTTPS）揭示加密的PayPal帐户cookie。DTLS没有更好。EAXprime允许即时转发。RFID安全性一次又一次地被打破。所有这些机密性和完整性的失败都是认证密码的失败，认证密码是一种承诺使用共享密钥加密和认证消息的算法，很容易将许多这些安全问题归咎于缺乏教育：更强大的认证密码已经在文献中出现了很多年。然而，在许多情况下，这些更强的认证密码不能满足应用程序的性能要求。性能正是WEP中的RC 4、“智能电网”中的EAXprime、RFID中的HB以及继续支持非认证加密的“加密”的动机。该项目正在构建新一代的认证密码，在不影响安全性的情况下提高效率，在不影响效率的情况下提高安全性。这项工作涵盖了七个主要主题：更有效的密码;更有效的MAC;更有效的伪造拒绝;改进对侧通道的保护;改进对误用和厄运的保护;改进定量安全性;改进安全证明。最终目标是在密码用户指定的各种性能约束条件下获得尽可能好的安全性，本项目产生的高安全性、高性能认证密码将直接、直观地应用于密码应用中，避免现有应用中的灾难，最终将安全密钥密码从理论走向实践。