Avalanche effect in improperly initialized CAESAR candidates [MEMICS 2016]
Authors: Martin Ukrop and Petr Švenda
Primary contact: Martin Ukrop mukrop@mail.muni.cz
Abstract: Cryptoprimitives rely on a thorough theoretical background, but often lack basic usability features, making them prone to unintentional misuse by developers. We argue that this is true even for state-of-the-art designs. Analyzing 52 candidates of the current CAESAR competition has shown that none of them has an avalanche effect in the authentication tag strong enough to work properly when partially misconfigured. Although this does not directly decrease their security profile, it hints at their security usability being less than perfect.
- Conference page: Usenix Security 2016
- Download author pre-print of the paper: pdf
- Download extended version of paper: FIMU-RS-2016-03 (technical report, FI MUNI)
- Download presentation: pdf
- Download datasets, tools and used scripts
Bibtex (regular paper)
@inproceedings{1mrsa_usenix2016,
  author    = {Petr Svenda \and Matus Nemec \and Peter Sekan \and Rudolf Kvasnovsky \and David Formanek \and David Komarek \and Vashek Matyas},
  title     = {The Million-Key Question -- Investigating the Origins of RSA Public Keys},
  booktitle = {The 25th USENIX Security Symposium (UsenixSec'2016)},
  year      = {2016},
  pages     = {893--910},
  isbn      = {978-1-931971-32-4},
  publisher = {USENIX}
}