This is an old revision of the document!
In the preproceedings version of the POET paper from FSE 2014, a simple ciphertext forgery attack by [Guo-Jean-Peyrin-Wang]1) was possible using a single known ciphertext/tag pair, under the condition that the message consists of at least 3 blocks. The attack was facitated by an incorrect formulation of POET in the preproceedings version, as was pointed out by Stefan Lucks in this discussion on the Cryptographic Competitions group, and is no longer applicable to the CAESAR candidate POET.
|Type of Analysis||Number of Queries||Reference||Comment|
|Ciphertext Forgery||1||by Jian Guo and Jérémy Jean and Thomas Peyrin and Wang Lei2)||Applied to FSE pre-proceedings version|