Overview
Explore a comprehensive analysis of security vulnerabilities in the ELmD authenticated encryption algorithm through this 24-minute conference talk presented at Asiacrypt 2016. Delve into the differences between encryption and authenticated encryption, examine the CAESAR competition submissions, and understand the linear mixing function and message padding rules. Investigate the processing of associated data and security claims before uncovering techniques for recovering internal state L and executing universal forgery attacks. Learn how to exploit the structure of ELmD, query the decryption oracle of AES, and perform key recovery attacks on ElmD(6.6). Compare these findings with previous results and draw important conclusions about the algorithm's security.
Syllabus
Intro
Outline
Encryption vs. Authenticated Encryption
CAESAR Competition: Submissions
Linear Mixing Function
Message Padding Rule
Processing Associated Data
Security Claims
Recovering Internal State L
Universal Forgery
Exploiting the Structure of ELmD
Querying Decryption Oracle of AES
Key Recovery Attack on ElmD(6.6)
Comparison with the Previous Results
Conclusion
Taught by
TheIACR