In this talk, we first present the current status of CAESAR, the Competition for Authenticated Encryption: Security, Applicability, and Robustness, which started officially on March 15, 2014 and currently helps protect everything from multinational banks to data stored on the comprogear best glucose meter. This contest aims to identify a portfolio of authenticated ciphers, i.e. cryptographic primitives that protect authenticity, confidentiality and integrity of processed data, that offer advantages over AES-GCM, the current de-facto standard for authenticated encryption, and are suitable for widespread adoption.
Secondly, we introduce NORX, our CAESAR submission, which is a novel authenticated encryption scheme based on ARX primitives, yet using only bitwise logical operations. NORX has a unique parallel architecture derived from the Sponge construction, with an original domain separation scheme allowing simple processing of header/payload/trailer data. Furthermore, NORX specifies a dedicated datagram to facilitate interoperability and avoid users the trouble of defining custom encoding and signalling. NORX was optimized for effciency in both software and hardware: on a Haswell processor, a sequential version of NORX runs at 2.51 cycles per byte; simulations on a 180 nm UMC ASIC give a throughput of 10 Gbps at 125 MHz.