FACTOID # 10: The total number of state executions in 2005 was 60: 19 in Texas and 41 elsewhere. The racial split was 19 Black and 41 White.
 
 Home   Encyclopedia   Statistics   States A-Z   Flags   Maps   FAQ   About 
   
 
WHAT'S NEW
 

SEARCH ALL

FACTS & STATISTICS    Advanced view

Search encyclopedia, statistics and forums:

 

 

(* = Graphable)

 

 


Encyclopedia > EAX mode

EAX mode is a mode of operation for cryptographic block ciphers. It is an Authenticated Encryption with Associated Data (AEAD) algorithm designed to simultaneously protect both authentication and privacy of the message (Authenticated Encryption, AE) with a two-pass scheme, one pass for achieving privacy and one for authenticity for each block. In cryptography, a block cipher operates on blocks of fixed length, often 64 or 128 bits. ... Authenticated Encryption with Associated Data (AEAD) is a class of block cipher modes which encrypt (parts of) the message and authenticate the message simultaneously. ... Authentication is the act of establishing or confirming something or someone as authentic. ... Privacy is the ability of an individual or group to stop information about themselves from becoming known to people other than those whom they choose to give the information. ... Authenticated Encryption (AE) is a term used to describe encryption systems which simultaneously protect privacy and authenticity. ...


EAX mode was submitted in October 3, 2003 to the attention of NIST in order to replace CCM as standard AEAD mode of operation, since CCM mode lacks some desiderable attributes of EAX and is more complex.

Contents


Encryption and authentication

EAX is a flexible nonce-using two-pass AEAD scheme with no restrictions on block cipher primitive to be used, nor on block size, and supports arbitrary-length messages. Authentication tag length is arbitrarily sizeable up to the used cipher's block size.


The block cipher primitive is used in CTR mode mode for encryption and as OMAC for authentication over each block trough the EAX composition method, that may be seen as a particular case of a more general algorithm called EAX2 and described in "The EAX Mode of Operation" paper. OMAC (One-key MAC) is a message authentication code constructed from a block cipher much like the PMAC algorithm. ...


The reference implementation in the aforementioned paper uses AES in CTR mode for encryption combined with AES OMAC for authentication.


Performance

Being a two pass scheme make EAX slower than a well designed one pass scheme based on the same primitive.


EAX mode have plenty desiderable attributes, notably:

  • provable security (if the primitive cipher used is secure);
  • message expansion is minimal, being limited to the overhead of the tag length only;
  • using encryption in CTR mode the cipher doesn't need to be implemented in decrypt mode, simplifying implementation (expecially desiderable attribute for hardware implementation);
  • the algorithm is "on-line", that means that can process stream of data, using constant memory, without knowing total data length in advance;
  • the algorithm can process static Additional Data (AD), useful for encryption/decryption of communication session (where session parameters may represent the Associated Data).

CCM mode notably lacks those last 3 attributes.


Intellectual Property

The authors of EAX mode, Mihir Bellare, Phillip Rogaway, and David Wagner placed the work under public domain and declare to be not aware of any patents covering this technology. As far as it's known, EAX mode of operation is free and unencumbered for any use. David Wagner David A. Wagner (1974) is an Assistant Professor of Computer Science at the University of California, Berkeley and a well-known researcher in cryptography. ...


See also

Authenticated Encryption with Associated Data (AEAD) is a class of block cipher modes which encrypt (parts of) the message and authenticate the message simultaneously. ... Authenticated Encryption (AE) is a term used to describe encryption systems which simultaneously protect privacy and authenticity. ... CCM mode (Counter with CBC-MAC) is a mode of operation for cryptographic block ciphers. ... OMAC (One-key MAC) is a message authentication code constructed from a block cipher much like the PMAC algorithm. ...

External links

References

Software implementation

Hardware implementation


Block ciphers edit
Algorithms: 3-Way | AES | Akelarre | Anubis | Blowfish | Camellia | CAST-128 | CAST-256 | CMEA | CS-Cipher | DEAL | DES | DES-X | FEAL | FOX | FROG | G-DES | GOST | ICE | IDEA | Iraqi | KASUMI | KHAZAD | Khufu and Khafre | Libelle | LOKI89/91 | LOKI97 | Lucifer | MacGuffin | Madryga | MAGENTA | MARS | MISTY1 | MMB | NewDES | Noekeon | RC2 | RC5 | RC6 | REDOC | Red Pike | S-1 | SAFER | SEED | Serpent | SHACAL | SHARK | Skipjack | SMS4 | Square | TEA | Triple DES | Twofish | XTEA
Design: Feistel network | Key schedule | Product cipher | S-box | SPN   Attacks: Brute force | Linear / Differential cryptanalysis | Mod n | Related key | XSL   Standardization: AES process | CRYPTREC | NESSIE   Misc: Avalanche effect | Block size | IV | Key size | Modes of operation | Piling-up lemma | Weak key

 
 

COMMENTARY     


Share your thoughts, questions and commentary here
Your name
Your comments

Want to know more?
Search encyclopedia, statistics and forums:

 


Press Releases |  Feeds | Contact
The Wikipedia article included on this page is licensed under the GFDL.
Images may be subject to relevant owners' copyright.
All other elements are (c) copyright NationMaster.com 2003-5. All Rights Reserved.
Usage implies agreement with terms, 1022, m