Abstract

This study compares the performance of new authenticated encryption (AE) algorithms with that of current standards, with the aim of providing enhanced security and resource efficiency. These algorithms offer a crucial property known as nonce-misuse resistance, which strengthens the security guarantees of current AE standards. In addition to a proposal from the Crypto Forum Research Group (CFRG), this document discusses algorithm-to-architecture mappings of a number of contenders from the current Competition for AE: Security, Applicability, and Robustness (CAESAR). The design of a well-known standard, the Advanced Encryption Standard in Galois Counter mode (AES-GCM), is contrasted with implementations of the architectures on both field-programmable gate array (FPGA) and application-specific integrated circuit (ASIC) platforms. The optimisations presented are relevant to AE in general and to nonce-misuse-resistant designs in particular. A hardware/software co-design strategy is also addressed. The implementations made possible by the suggested optimisations show that new AE algorithms can provide speed on par with that of AES-GCM while improving security and resource efficiency for certain use cases.

Index Terms: Authenticated encryption (AE), Competition for AE: Security, Applicability, and Robustness (CAESAR), Deoxys, nonce-misuse resistance, pipelineable on-line encryption with authentication tag (POET), PRIMATE-APE, Advanced Encryption Standard in Galois Counter mode (AES-GCM), AES-GCM-synthetic IV (SIV).
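The abstract's central security point is that a nonce-based AE scheme in the AES-GCM pattern derives its keystream from the nonce alone, so a repeated nonce reuses the keystream and leaks the XOR of the two plaintexts, whereas a synthetic-IV (SIV) scheme such as AES-GCM-SIV derives the IV from a MAC over the nonce, the associated data and the plaintext, so a repeated nonce only reveals whether two messages were identical. The following added example illustrates that structural difference; it is constructed for this page and is not code from the paper or from any of the CAESAR candidates. It assumes HMAC-SHA256 as a stand-in PRF in place of the AES block cipher and GHASH (the Python standard library has no AES), a PRF-driven counter mode in place of AES-CTR, and constructed sample key, nonce and messages.

```python
"""Constructed illustration of nonce-misuse (in)resistance.

Assumptions (stand-ins, not the paper's designs): HMAC-SHA256 plays the role
of the AES-based PRF, a PRF-driven counter mode replaces AES-CTR, and the MAC
replaces GHASH. Only the *structure* is being demonstrated:
  - GCM pattern: IV = nonce; keystream depends on the nonce only;
                 tag computed over (nonce, AD, ciphertext)
  - SIV pattern: IV = MAC(nonce, AD, plaintext); keystream depends on the
                 plaintext as well, so a repeated nonce does not repeat it
"""
import hashlib
import hmac


def _prf(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def _derive(key: bytes):
    # Separate encryption and MAC subkeys from one master key.
    return _prf(key, b"enc"), _prf(key, b"mac")


def _keystream(enc_key: bytes, iv: bytes, n: int) -> bytes:
    # Counter mode driven by the PRF: block i = PRF(enc_key, iv || i).
    out = b""
    ctr = 0
    while len(out) < n:
        out += _prf(enc_key, iv + ctr.to_bytes(4, "big"))
        ctr += 1
    return out[:n]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _encode(*parts: bytes) -> bytes:
    # Length-prefix every field so (nonce, AD, payload) is parsed unambiguously.
    return b"".join(len(p).to_bytes(8, "big") + p for p in parts)


# --- nonce-based AE in the AES-GCM pattern: the IV is the nonce itself ---
def gcm_style_encrypt(key, nonce, ad, pt):
    ek, mk = _derive(key)
    ct = _xor(pt, _keystream(ek, nonce, len(pt)))
    tag = _prf(mk, _encode(nonce, ad, ct))
    return ct, tag


def gcm_style_decrypt(key, nonce, ad, ct, tag):
    ek, mk = _derive(key)
    if not hmac.compare_digest(tag, _prf(mk, _encode(nonce, ad, ct))):
        return None  # authentication failure
    return _xor(ct, _keystream(ek, nonce, len(ct)))


# --- SIV pattern (as in AES-GCM-SIV): the IV is a MAC over nonce, AD, plaintext ---
def siv_style_encrypt(key, nonce, ad, pt):
    ek, mk = _derive(key)
    tag = _prf(mk, _encode(nonce, ad, pt))  # synthetic IV doubles as the tag
    ct = _xor(pt, _keystream(ek, tag, len(pt)))
    return ct, tag


def siv_style_decrypt(key, nonce, ad, ct, tag):
    ek, mk = _derive(key)
    pt = _xor(ct, _keystream(ek, tag, len(ct)))
    if not hmac.compare_digest(tag, _prf(mk, _encode(nonce, ad, pt))):
        return None  # authentication failure
    return pt


def keystream_reuse_leak(ct1, ct2):
    # If two ciphertexts share a keystream, C1 xor C2 equals P1 xor P2.
    return _xor(ct1, ct2)


def demo():
    key = b"constructed-32-byte-key-for-demo"  # constructed sample value
    nonce = b"\x00" * 12  # the same nonce used twice: the misuse being modelled
    ad = b"hdr"
    pt1 = b"transfer 100 to account A"  # constructed sample messages
    pt2 = b"transfer 900 to account B"

    g1, g1_tag = gcm_style_encrypt(key, nonce, ad, pt1)
    g2, _ = gcm_style_encrypt(key, nonce, ad, pt2)
    s1, s1_tag = siv_style_encrypt(key, nonce, ad, pt1)
    s2, _ = siv_style_encrypt(key, nonce, ad, pt2)

    tampered = bytes([g1[0] ^ 0x01]) + g1[1:]
    return {
        # GCM pattern: nonce reuse exposes P1 xor P2 directly.
        "gcm_leaks_pt_xor": keystream_reuse_leak(g1, g2) == _xor(pt1, pt2),
        # SIV pattern: different plaintexts give different IVs, so no such leak.
        "siv_leaks_pt_xor": keystream_reuse_leak(s1, s2) == _xor(pt1, pt2),
        # SIV is deterministic: the same (nonce, AD, plaintext) repeats exactly,
        # which is the only information a repeated nonce gives away.
        "siv_deterministic": siv_style_encrypt(key, nonce, ad, pt1) == (s1, s1_tag),
        "gcm_roundtrip": gcm_style_decrypt(key, nonce, ad, g1, g1_tag) == pt1,
        "siv_roundtrip": siv_style_decrypt(key, nonce, ad, s1, s1_tag) == pt1,
        "gcm_rejects_tamper": gcm_style_decrypt(key, nonce, ad, tampered, g1_tag) is None,
    }


if __name__ == "__main__":
    print(demo())
```

The GCM pattern also loses integrity under nonce reuse (the real GHASH authentication key becomes recoverable), which this PRF-based stand-in does not model; the point shown here is the confidentiality side, where SIV-style designs confine the damage of a repeated nonce to revealing plaintext equality. The price is that SIV must read the whole plaintext before producing any ciphertext, which is exactly the on-line/pipelining trade-off that the candidates named in the abstract (POET, Deoxys, PRIMATE-APE) address in hardware.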