Author:
Choi Wonseok, Hwang Seongha, Lee Byeonghak, Lee Jooyoung
Abstract
Online authenticated encryption has been considered of practical relevance in lightweight environments due to its low latency and constant memory usage. In this paper, we propose a new tweakable block cipher-based online authenticated encryption scheme, dubbed , and its domain separation variant, dubbed . and follow the Encrypt-Mix-Encrypt paradigm. However, in contrast to existing schemes using the same paradigm such as and , and enjoy n-bit security by using larger internal states together with an efficient -like hashing algorithm. In this way, 2n-bit blocks are processed with only a single primitive call for hashing and two primitive calls for encryption and decryption, when they are based on an n-bit tweakable block cipher using n-bit (resp. 2n-bit) tweaks for (resp. ). Furthermore, they support pipelined computation as well as online nonce-misuse resistance. To the best of our knowledge, and are the first pipelineable tweakable block cipher-based online authenticated encryption schemes of rate 2/3 that provide n-bit security with online nonce-misuse resistance.
Funder
National Research Foundation of Korea
Korea Advanced Institute of Science and Technology
Publisher
Springer Science and Business Media LLC