In this work, we look at authenticated encryption schemes from a new perspective. As opposed to focusing solely on the security implications of the different methods for constructing authenticated encryption schemes, we investigate the effect of the method used to construct an authenticated encryption scheme on the performance of the construction. We show that, as opposed to the current National Institute of Standards and Technology standard, by performing the authentication operation before the encryption operation, the computational efficiency of the construction can be increased, without affecting the security of the overall construction. In fact, we show that the proposed construction is even more secure than standard authentication based on universal hashing in the sense that the hashing key is resilient to key recovery attacks.

• 出版日期2016-12