In this talk, we first present the current status of CAESAR, the Competition for Authenticated Encryption: Security, Applicability, and Robustness, which started officially on March 15, 2014. This contest aims to identify a portfolio of authenticated ciphers, i.e. cryptographic primitives that protect authenticity, confidentiality and integrity of processed data, that offer advantages over AES-GCM, the current de-facto standard for authenticated encryption, and are suitable for widespread adoption.

Secondly, we introduce NORX, our CAESAR submission, which is a novel authenticated encryption scheme based on ARX primitives, yet using only bitwise logical operations. NORX has a unique parallel architecture derived from the Sponge construction, with an original domain separation scheme allowing simple processing of header/payload/trailer data. Furthermore, NORX specifies a dedicated datagram to facilitate interoperability and avoid users the trouble of defining custom encoding and signalling. NORX was optimized for effciency in both software and hardware: on a Haswell processor, a sequential version of NORX runs at 2.51 cycles per byte; simulations on a 180 nm UMC ASIC give a throughput of 10 Gbps at 125 MHz.

SPEAKERS: Jean-Philippe Aumasson / Philipp Jovanovic / Samuel Neves