CWC mode

From HandWiki

In cryptography, CWC Mode (Carter–Wegman + CTR mode) is an AEAD block cipher mode of operation that provides both encryption and built-in message integrity, similar to CCM and OCB modes. It combines the use of CTR mode for encryption with an efficient polynomial Carter–Wegman MAC and is designed by Tadayoshi Kohno, John Viega and Doug Whiting.[1]

CWC mode was submitted to NIST[2] for standardization, but NIST opted for the similar GCM mode instead.[3]

Although GCM has weaknesses compared to CWC,[4] the GCM authors successfully argued for GCM.[5]

References

  1. Kohno, Tadayoshi; Viega, John; Whiting, Doug (2004). "CWC: A High-Performance Conventional Authenticated Encryption Mode". Fast Software Encryption. Lecture Notes in Computer Science. 3017. pp. 408–426. doi:10.1007/978-3-540-25937-4_26. ISBN 9783540259374. https://link.springer.com/chapter/10.1007/978-3-540-25937-4_26. 
  2. [http:/csrc.nist.gov/groups/ST/toolkit/BCM/modes_development.html "NIST.gov - Computer Security Division - Computer Security Resource Center"]. August 30, 2017. http:/csrc.nist.gov/groups/ST/toolkit/BCM/modes_development.html. 
  3. "Modes Development - Block Cipher Techniques | CSRC | CSRC". 4 January 2017. https://csrc.nist.gov/projects/block-cipher-techniques/bcm/modes-development. 
  4. https://csrc.nist.gov/csrc/media/projects/block-cipher-techniques/documents/bcm/comments/cwc-gcm/ferguson2.pdf, section 7
  5. https://csrc.nist.gov/CSRC/media/Projects/Block-Cipher-Techniques/documents/BCM/Comments/CWC-GCM/gcm-update.pdf[bare URL PDF]

External links