This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
zoo_guidelines [10/04/2014 14:23:39] mmeh [Type] |
zoo_guidelines [10/04/2014 14:45:46] mmeh [Inverse free] |
||
---|---|---|---|
Line 26: | Line 26: | ||
* **LRX** (logical operations, rotation and XOR) | * **LRX** (logical operations, rotation and XOR) | ||
+ | To specify several options for parameter sets, curly braces can be used, e.g. BC/{AES,LED-80} for a block cipher based scheme which uses AES-128 and LED-80. | ||
==== Parallelizable (E/D) ==== | ==== Parallelizable (E/D) ==== | ||
Specify separately whether the scheme is parallelizable in encryption (E) and decryption (D). Valid options for both cases are: | Specify separately whether the scheme is parallelizable in encryption (E) and decryption (D). Valid options for both cases are: | ||
Line 43: | Line 44: | ||
* **MAX online** (leaks only the LCP (longest common prefix) of plaintexts) | * **MAX online** (leaks only the LCP (longest common prefix) of plaintexts) | ||
* **LCP+X** (leaks LCP and XOR of next plaintext block) | * **LCP+X** (leaks LCP and XOR of next plaintext block) | ||
+ | * **A+N** (when there is some level of security if all associated data + nonce pairs are unique) | ||
* **None** (when all security is lost if nonce is repeated) | * **None** (when all security is lost if nonce is repeated) | ||
==== Inverse free ==== | ==== Inverse free ==== | ||
- | State whether the scheme requires the inverse of the underlying primitive when considering . ONLY applicable for block cipher- or permutation-based modes. Valid options are: | + | State whether the scheme requires the inverse of the underlying primitive. ONLY applicable for block cipher- or permutation-based modes. Valid options are: |
* **Yes** | * **Yes** | ||
* **No** | * **No** | ||
* **N/A** (for when not applicable, see above) | * **N/A** (for when not applicable, see above) |