This is an old revision of the document!
This wiki site specifies the guidelines for the AE Zoo. While everyone in the cryptographic community are encourated to participate and contribute to the Zoo, we, as zookeepers, hope that contributer will adhere to the guidelines posted on this page.
The guidelines in this section refer to the AE scheme overview table found on the Authenticated Encryption Zoo front page. In the following we specify the meaning of each column of the table and give what we consider valid options for each column. If you feel that a valid option is missing for a particular column, we encourage you to e-mail aezoo@compute.dtu.dk
with your suggestions for changes.
Without a doubt, opinions vary as to what e.g. an online cipher is. With our valid options below, we try to capture all definitions or levels of which a certain property is obtained, allowing for a good comparison of the candidates.
For candidates containing several, say K, parameter sets, and where properties differ across these parameter sets, we suggest to comma-separate the properties for each set, such that the ith option in the comma-separated lists across all columns of the table correspond to the same parameter set of that particular candidate.
We would like to acknowledge the slides from Daghstuhl 2014 by Bart Preneel, from which we have drawn inspiration for these guidelines.
Specify the type of the scheme(s). The format should be MAINTYPE/SUBTYPE, where MAINTYPE is one of
and SUBTYPE is one of
To specify several options for parameter sets, curly braces can be used, e.g. BC/{AES,LED-80} for a block cipher based scheme which uses AES-128 and LED-80.
Specify separately whether the scheme is parallelizable in encryption (E) and decryption (D). Valid options for both cases are:
Specify separately whether the scheme is online in encryption (E) and decryption (D). Valid options for both cases are:
State the schemes resistance towards nonce misuse. Here, the nonce is defined as the tuple consisting of private message number and public message number. Valid options are:
State whether the scheme requires the inverse of the underlying primitive when considering . ONLY applicable for block cipher- or permutation-based modes. Valid options are: