Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Events 2023

The Third NIST Workshop on Block Cipher Modes of Operation 2023

AGENDA

NIST will host the Third NIST Workshop on Block Cipher Modes of Operation on October 3-4, 2023, at the National Cybersecurity Center of Excellence in Rockville, Maryland. NIST hosted the two previous modes workshops in conjunction with the development of the Advanced Encryption Standard (AES) in the early 2000s.   

This workshop will discuss how NIST can best address the limitations of the block cipher modes of operation ("modes", for short) that are approved in the NIST Special Publication 800-38 series, which will be documented in an initial public draft of NIST Internal Report (NIST IR) 8459, Report on the Block Cipher Modes of Operation in the NIST SP 800-38 Series.

NIST is particularly interested in discussing the possibility of standardizing a tweakable wide block encryption technique that could support a large range of input lengths.  

Topics for discussion include: 

  • The security and efficiency of current NIST modes 
  • Additional security features (e.g., misuse-resistance, key commitment, etc.) that would be desirable in a new encryption technique
  • Case studies of encryption techniques for specific uses, such as storage and key wrapping
  • The security and efficiency of tweakable wide encryption techniques

NIST is also soliciting research and discussion papers, surveys, presentations, case studies, panel proposals, and participation from all interested parties. Submissions must be provided electronically in PDF format and sent to ciphermodes@nist.gov. NIST will post the accepted papers and presentations on the workshop website, though no formal proceedings will be published. 

Inquiries:  ciphermodes@nist.gov

Key Committing Security of AEZ
Yu Long Chen, Antonio Flórez-Gutiérrez, Akiko Inoue, Ryoma Ito, Tetsu Iwata, Kazuhiko Minematsu, Nicky Mouha, Yusuke Naito, Ferdinand Sibleyras, Yosuke Todo

SHAKE Modes of Operation
Joan Daemen, Seth Hoffert, Silvia Mella, Gilles Van Assche

Overloading the Nonce: Rugged PRPs, Nonce-Set AEAD, and Order-Resilient Channels
Jean Paul Degabriele and Vukašin Karadžic

Deck-Based Wide Block Cipher Modes
Aldo Gunsing, Joan Daemen and Bart Mennink

Upgrading AEAD Privacy: The AE2 goal
Mihir Bellare

Length-preserving encryption with HCTR2
Paul Crowley, Nathan Huckleberry, Eric Biggers

The Landscape of Committing Authenticated Encryption
Mihir Bellare, Viet Tung Hoang, Cong Wu

Practical Challenges with AES-GCM and the Need for a New Cipher
Panos Kampanakis, Matt Campagna, Eric Crocket, Adam Petcher, Shay Gueron

KIVR: Context-Committing Authenticated Encryption Using Plaintext Redundancy and Application to GCM and Variants
Yusuke Naito, Yu Sasaki, Takeshi Sugawara

Proposals for Standardization of Encryption Schemes
John Preuß Mattsson, Ben Smeets, Erik Thormarker

Galois Counter Mode with Secure Short Tags (GCM-SST)
Matthew Campagna, Alexander Maximov, John Preuß Mattsson

Short Tweak TBC and Its Applications in Symmetric Ciphers
Avik Chakraborti, Nilanjan Datta, Ashwin Jha, Cuauhtemoc Mancillas-López, Mridul Nandi, Yu Sasaki

Flexible Authenticated Encryption
Sanketh Menda, Julia Len, Viet Tung Hoang, Mihir Bellare, Thomas Ristenpart

Constructions based on the AES round and polynomial multiplication that are efficient on modern processor architectures
Shay Gueron


Withdrawn (authors unable to attend)

“KohiNoor & DaryaiNoor; two GEMs of Eternal Majesty”: GCTR-based Enciphering Modes [version 1]
Amit Singh Bhati, Michiel Verbauwhede and Elena Andreeva

Light-OCB: Parallel Lightweight Authenticated Cipher with Full Security
Avik Chakraborti, Nilanjan Datta, Ashwin Jha, Cuauhtemoc Mancillas-López, and Mridul Nandi

tHyENA:  A Short Tweak TBC Based Lightweight AEAD
Avik Chakraborti, Nilanjan Datta, Ashwin Jha, Cuauhtemoc Mancillas-López, Mridul Nandi
Selected Presentations
October 3, 2023 Type
9:10 AM Radical CS
Phillip Rogaway - University of California, Davis
Keynote
10:00 AM Report on the Block Cipher Modes of Operation in the NIST SP 800-38 Series
Nicky Mouha - Strativia
Presentation
11:00 AM Rugged Pseudorandom Permutations and Their Applications
Jean Paul Degabriele - Technology Innovation Institute
Presentation
11:20 AM Upgrading AEAD Privacy: The AE2 goal
Mihir Bellare - UCSD
Presentation
11:40 AM The Landscape of Committing Authenticated Encryption
Viet Tung Hoang - Florida State University
Presentation
1:20 PM SHAKE Modes of Operation
Joan Daemen - Radboud University
Presentation
1:40 PM Deck-Based Wide Block Cipher Modes
Bart Mennink - Radboud University
Presentation
2:00 PM Length-Preserving Encryption with HCTR2
Paul Crowley - Google LLC
Presentation
2:50 PM Practical Challenges with AES-GCM and the Need for a New Cipher
Panos Kampanakis - AWS
Presentation
3:10 PM Proposals for Standardization of Encryption Schemes
John Preuß Mattsson - Ericsson
Presentation
3:30 PM Panel - Lessons Learned
John Kelsey - NIST and KU Leuven
 Lily Chen - NIST
 Joan Daemen - Radboud University
 Phillip Rogaway - University of California, Davis
 Miles Smid - Retired (NIST)
 		Presentation
October 4, 2023 Type
9:00 AM Short Tweak TBC and Its Applications in Symmetric Ciphers
Yu Sasaki - NIST/NTT
Presentation
9:20 AM Galois Counter Mode with Secure Short Tags (GCM-SST)
John Preuß Mattsson - Ericsson
Presentation
9:40 AM Constructions based on the AES Round and Polynomial Multiplication that are Efficient on Modern Processor Architectures
Shay Gueron - University of Haifa and Meta
Presentation
10:30 AM Validation Testing for Block Cipher Modes
Chris Celi - NIST
Presentation
11:00 AM Update on Standardization of Ascon family
Meltem Sönmez Turan - NIST
Presentation
1:20 PM Key Committing Security of AEZ
Yu Long Chen - NIST
Presentation
1:40 PM Flexible Authenticated Encryption
Sanketh Menda - Cornell Tech
 		Presentation
2:00 PM KIVR: Context-Committing Authenticated Encryption Using Plaintext Redundancy and Application to GCM and Variants
Yusuke Naito - Mitsubishi Electric Corporation
Presentation

Event Details

Starts: October 03, 2023 - 09:00 AM EDT
Ends: October 04, 2023 - 04:30 PM EDT

Format: In-person Type: Workshop

Agenda

Attendance Type: Open to public
Audience Type: Industry,Government,Academia,Other


Location

National Cybersecurity Center of Excellence (NCCoE)
9700 Great Seneca Highway
Rockville, MD 20850

Parent Project

See: Block Cipher Techniques

Related Topics

Security and Privacy: authentication, cryptography

Created March 06, 2023, Updated March 25, 2024