Find in Library

Abstract Nonce‐misuse resilience (NMRL) security of Romulus‐N and GIFT‐COFB is analysed, the two finalists of NIST Lightweight Cryptography project for standardising lightweight authenticated encryption. NMRL, introduced by Ashur et al. at CRYPTO 2017, is a relaxed security notion from a stronger, nonce‐misuse resistance notion. The authors have proved that Romulus‐N and GIFT‐ COFB have nonce‐misuse resilience. For Romulus‐N, the perfect privacy (NMRL‐PRIV) and n/2‐bit authenticity (NMRL‐AUTH) with graceful degradation with respect to nonce repetition are showed. For GIFT‐COFB, n/4‐bit security for both NMRL‐PRIV and NMRL‐AUTH notions is showed.