180 likes | 358 Views
The OCB1. The OCB1 (Contd.). Instantiation of OCB1 with a XEX blockcipher. The PMAC Algorithm. The PMAC Algorithm (contd.). The PMAC Algorithm (contd.). AEAD Schemes. Using OCB and PMAC for AEAD Let OCB =( K,E,D ) Let the message be M and header be H Obtain C||t = E(K, M)
E N D
AEAD Schemes Using OCB and PMAC for AEAD Let OCB =(K,E,D) Let the message be M and header be H Obtain C||t = E(K, M) Obtain d = PMAC(K,H) The final ciphertext is C||(t XOR d)
AEAD Schemes (cont.) Rogaway proposed a general way to construct AEAD schemes from a secure symmetric encryption scheme and a pseudorandom function These schemes are called generic composition schemes. Rogaway suggests two ways: Mac then Encrypt Encrypt then Mac