AES [FIPS-197] is a 128-bit block cipher that underpins most secure communications in the modern era. GCM (NIST SP800-38D) is an authenticated block cipher mode usually used with AES. In this paper, we analyze some limitations of AES-GCM and propose a new block cipher mode, GEM, that extends GCM to provide better security bounds without introducing additional security assumptions. We specify two variants, AES-128-GEM and AES-256-GEM.
Workshop on the Requirements for an Accordion Cipher Mode 2024
NIST Workshop on the Requirements for an Accordion Cipher Mode 2024
Starts: June 20, 2024National Cybersecurity Center of Excellence (NCCoE) 9700 Great Seneca Highway Rockville, MD 20850
Security and Privacy: encryption