This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
ae_zoo [15/04/2014 03:55:40] rogaway [Table] |
ae_zoo [20/04/2015 05:44:58] rogaway [Table] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Authenticated Encryption Zoo ====== | + | ====== CAESAR Round 1 candidates ====== |
- | The Authenticated Encryption Zoo is a collection of AEAD (authenticated encryption with associated data) schemes, listed in alphabetical order, that have been submitted to the [[http://competitions.cr.yp.to/caesar.html|CAESAR competition]]. The Zoo is inspired by [[http://ehash.iaik.tugraz.at/wiki/The_SHA-3_Zoo|the SHA-3 Zoo]] hosted by [[http://iaik.tugraz.at/|IAIK - TU Graz]]. | + | |
- | Similarly to the SHA-3 Zoo, the main focus in this Zoo is to keep an up-to-date overview of cryptanalysis results on the CAESAR candidates. This front page will provide an overview of the candidates, their properties/features and a link to the internal wiki page for each scheme. In the scheme-specific pages, we put cryptanalytic results and references to specifications and related works. | + | * :!: **Explanations** and **valid entries** for the overview table are given in the [[zoo_guidelines|AE Zoo guidelines]]. |
- | + | * :!: The rows can be sorted by clicking the column headers. | |
- | For discussions on the CAESAR candidates we refer to the official [[https://groups.google.com/forum/#!forum/crypto-competitions|CAESAR newsgroup]]. | + | * :!: To use references in the subpages, put your bibtex code at the [[refnotes:caesar|References]] page, and copy/modify an existing reference from another page. |
- | + | ||
- | For information about this wiki, please see [[aezoo_info|the AE Zoo information page]]. | + | |
- | ===== CAESAR Round 1 candidates ===== | + | |
- | :!: **__Important__**: Before updating the AE scheme overview table below, please first refer to the [[zoo_guidelines|AE Zoo guidelines]]! Also, click a column header to go to the explanation of valid options. | + | |
<sortable> | <sortable> | ||
- | ^ Candidate ^ [[zoo_guidelines#type|Type]] ^ [[zoo_guidelines#parallelizable_e_d|Parallelizable (E/D)]] ^ [[zoo_guidelines#online_e_d|Online (E/D)]] ^ [[zoo_guidelines#nonce_mr|Nonce MR]] ^ [[zoo_guidelines#inverse_free|Inverse free]] ^ Status ^ | + | ^ Name ^ Type ^ Primitive ^ Parallel E/D ^ Online ^ Inverse-free ^ Security proof ^ Nonce-MR ^ Status ^ |
- | | [[ACORN]] | Other/FSR | | | | | | | + | | [[ACORN]] | SC | LFSR | +/+ | + | + | - | NONE | | |
- | | [[++AE]] | BC/ | Partly/Partly | | | No | @red: | | + | | [[++AE]] | BC | | +/+ | + | - | - | | | |
- | | [[AEGIS]] | BC/AES[1] | | | | No | | | + | | [[AEGIS]] | BC | AES | +/- | + | + | - | NONE | | |
- | | [[AES-CMCC]] | BC/AES | | | | | | | + | | [[AES-CMCC]] | BC | AES | -/+ | - | + | + | OFF-MAX | | |
- | | [[AES-COBRA]] | BC/AES | Partly/Partly | Fully/Fully | | Yes | @red:Withdrawn | | + | | [[AES-COBRA]] | BC | AES | +/+ | + | + | + | | Withdrawn[(:ref:caesar:NandiCobraForgeryForging Attack on COBRA Mode)] | |
- | | [[AES-COPA]] | BC/AES | Partly/Partly | Fully/Fully | | No | | | + | | [[AES-COPA]] | BC | AES | +/+ | + | + | + | | | |
- | | [[AES-CPFB]] | BC/AES | Fully/No | Fully/Fully | | Yes | | | + | | [[AES-CPFB]] | BC | AES | +/- | + | + | + | NONE | | |
- | | [[AES-JAMBU]] | BC/AES | No/No | | | Yes | | | + | | [[AES-JAMBU]] | BC | AES | -/- | + | + | - | | | |
- | | [[AES-OTR]] | BC/AES | Fully/Fully | | | Yes | | | + | | [[AES-OTR]] | BC | AES | +/+ | + | + | + | NONE | | |
- | | [[AEZ]] | BC/{AES,AES[4]} | Fully/Fully | | MAX | No | | | + | | [[AEZ]] | BC | AES, AES[4] | +/+ | - | + | + | OFF-MAX | | |
- | | [[Artemia]] | P/Sponge[Artemia] | No/No | Fully/Fully | | Yes | | | + | | [[Artemia]] | Sponge | SPN | -/- | + | + | + | | | |
- | | [[Ascon]] | P/Sponge[$p^a,p^b$] | No/No | Fully/Fully | | Yes | | | + | | [[Ascon]] | Sponge | SPN | -/- | + | + | + | | | |
- | | [[AVALANCHE]] | BC/AES | Fully/Fully | Fully/Fully | | | @orange: | | + | | [[AVALANCHE]] | BC | AES | +/+ | + | + | + | NONE | [(:ref:caesar:keyrecoveryAVALANCHEv1[[http://martinlauridsen.info/pub/avalanchev1.pdf|Cryptanalysis of AVALANCHEv1]])] | |
- | | [[Calico]] | | | | | | @red: | | + | | [[Calico]] | SC | ChaCha/SipHash | -/- | + | + | - | NONE | Withdrawn | |
- | | [[CBA]] | BC/AES | Fully/Fully | Fully/Fully | | | @red: | | + | | [[CBA]] | BC | AES | +/+ | + | + | - | NONE | | |
- | | [[CBEAM]] | | | | | | @red:Withdrawn | | + | | [[CBEAM]] | Sponge | | | | | | | Withdrawn | |
- | | [[CLOC]] | BC/{AES,TWINE} | No/No | Fully/Fully | | | | | + | | [[CLOC]] | BC | AES,TWINE | -/- | + | + | + | NONE | | |
- | | [[Deoxys]] | | | | | | | | + | | [[Deoxys]] | BC | AES | +/+ | + | - | + | | | |
- | | [[ELmD]] | BC/{AES,AES[5]} | Partly/Partly | Fully/Fully | | No | | | + | | [[ELmD]] | BC | AES,AES[5] | +/+ | + | - | + | | | |
- | | [[Enchilada]] | | | | | | | | + | | [[Enchilada]] | BC | AES, Rijndael-256 | +/+ | | | + | NONE | | |
- | | [[FASER]] | | | | | | @red:Withdrawn | | + | | [[FASER]] | SC | FSR | | | | | | Withdrawn | |
- | | [[HKC]] | | | | | | @red:Withdrawn | | + | | [[HKC]] | SC | | | | | | | Withdrawn | |
- | | [[HS1-SIV]] | | | | | | | | + | | [[HS1-SIV]] | SC | ChaCha/Poly1305 | -/- | - | + | + | OFF-MAX | | |
- | | [[ICEPOLE]] | P/Sponge[ICEPOLE] | Fully/Fully | Fully/Fully | LCP+X | Yes | | | + | | [[ICEPOLE]] | Sponge | Keccak-like | +/- | + | + | + | | | |
- | | [[iFeed[AES]]] | BC/AES | Fully/No | Fully/Fully | LCP+X | Yes | | | + | | [[iFeed[AES]]] | BC | AES | +/- | + | + | + | | | |
- | | [[Joltik]] | BC/AES-like | Fully/Fully, Partly/Partly | Fully/Fully, Fully/Fully | None, LCP | No, No | | | + | | [[Joltik]] | BC | AES | +/+ | + | - | + | | | |
- | | [[Julius]] | BC/AES | Fully/Fully | No/No | MAX | Yes, No | | | + | | [[Julius]] | BC | AES | +/+ | - | + | + | | | |
- | | [[Ketje]] | P/Sponge[Keccak] | No/No | | | | | | + | | [[Ketje]] | Sponge | Keccak-f | -/- | + | + | + | NONE | | |
- | | [[Keyak]] | | | | | | | | + | | [[Keyak]] | Sponge | Keccak-f | +/- | + | + | + | NONE | | |
- | | [[KIASU]] | BC/AES-like | Fully/Fully, Partly/Partly | Fully/Fully, Fully/Fully | None, LCP | No, No | | | + | | [[KIASU]] | BC | AES | +/+ | + | - | + | | | |
- | | [[LAC]] | BC/LBlock-s | No/No | Fully/Fully | None | No | | | + | | [[LAC]] | BC | LBlock-s | +/+ | + | - | - | NONE | | |
- | | [[Marble]] | BC/AES[4] | Partly/Partly | Fully/Fully | A+N/MAX online | No | | | + | | [[Marble]] | BC | AES[4] | | | | | | Withdrawn | |
- | | [[McMambo]] | LRX | No/No | Fully/Fully | | No | @red: | | + | | [[McMambo]] | SC | LRX | | | | | | Withdrawn | |
- | | [[Minalpher]] | | | | | | | | + | | [[Minalpher]] | P | SPN | +/+ | + | | + | | | |
- | | [[MORUS]] | Other/LRX | No/No | Fully/Fully | A+N/LCP+X | N/A | | | + | | [[MORUS]] | SC | LRX | -/- | + | + | - | NONE | | |
- | | [[NORX]] | P/Sponge[NORX]/LRX | Fully/Fully | Fully/Fully | | Yes | | | + | | [[NORX]] | Sponge | LRX | +/+ | + | + | + | NONE | | |
- | | [[OCB]] | BC/AES | Fully/Fully | Fully/Fully | None | No | | | + | | [[OCB]] | BC | AES | +/+ | + | - | + | NONE | | |
- | | [[OMD]] | | | | | | | | + | | [[OMD]] | CF | SHA2 | -/- | + | + | + | NONE | | |
- | | [[PAEQ]] | | | | | | | | + | | [[PAEQ]] | P | AESQ | +/+ | + | + | + | | | |
- | | [[PAES]] | AES[4/8] | | | | | @red: | | + | | [[PAES]] | BC | AES[4/8] | | | | | | Withdrawn | |
- | | [[PANDA]] | | | | | | @orange: | | + | | [[PANDA]] | SC | | | | | | | Withdrawn | |
- | | [[π-Cipher]] | P/Sponge[$\pi$] | Fully/Fully | Fully/Fully | None | Yes | @orange: | | + | | [[π-Cipher]] | Sponge | ARX | +/+ | + | + | - | NONE | | |
- | | [[POET]] | BC/AES | | | | | @orange: | | + | | [[POET]] | BC | AES | p/p | + | + | + | | Withdrawn: POET-G | |
- | | [[POLAWIS]] | Other | | | | | | | + | | [[POLAWIS]] | | | | | | | | | |
- | | [[PRIMATEs]] | P/Sponge[p] | | | | | | | + | | [[PRIMATEs]] | Sponge | SPN | -/- | + | + | + | | | |
- | | [[Prøst]] | P/, P/, P/Sponge[Prøst] | Partly/Partly, Fully/Fully, No/No | Fully/Fully | | Yes, No, Yes | | | + | | [[Prøst]] | P | SPN | +/+ | + | + | - | | | |
- | | [[Raviyoyla]] | Other/FSR | | | | | | | + | | [[Raviyoyla]] | SC | MAGv2 | -/- | + | + | - | NONE | | |
- | | [[Sablier]] | Other/FSR | | | | | | | + | | [[Sablier]] | SC | LFSR | +/+ | + | + | - | NONE | | |
- | | [[SCREAM]] | BC/{Scream,iScream} | Fully/Fully | Fully/Fully | None | No | @red: | | + | | [[SCREAM]] | BC | SPN | +/+ | + | + | - | NONE | | |
- | | [[SHELL]] | BC/{AES,AES[4]} | Partly/Partly | Fully/Fully | | No | | | + | | [[SHELL]] | BC | AES, AES[4] | +/+ | + | - | + | | | |
- | | [[SILC]] | BC/{AES,PRESENT-80,LED-80} | No/No | Fully/Fully | A+N | Yes | | | + | | [[SILC]] | BC | AES, PRESENT, LED | -/+ | + | + | + | NONE | | |
- | | [[Silver]] | BC/AES-like | | | | | | | + | | [[Silver]] | BC | AES-like | +/+ | + | - | + | NONE | | |
- | | [[STRIBOB]] | P/ | | | | | | | + | | [[STRIBOB]] | Sponge | Streebog | -/- | + | + | + | NONE | | |
- | | [[Tiaoxin]] | BC/AES[1] | No/No | Fully/Fully | None | Yes | | | + | | [[Tiaoxin]] | BC | AES[1] | +/+ | + | + | - | NONE | | |
- | | [[TriviA-ck]] | Other/FSR | No/No | No/No | A+N | N/A | | | + | | [[TriviA-ck]] | SC | Trivium | +/+ | - | + | + | NONE | | |
- | | [[Wheesht]] | Other/ARX | | | None | N/A | @red: | | + | | [[Wheesht]] | SC | ARX | -/- | + | + | - | NONE | | |
- | | [[YAES]] | BC/AES[6] | Fully/Fully | Fully/Fully | None | Yes | | | + | | [[YAES]] | BC | AES[6] | +/+ | + | + | - | NONE | | |
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
</sortable> | </sortable> | ||
- | ===== References ===== | ||
- | References to cryptanalysis papers can be put at [[refnotes:caesar|References]] | ||