AES-GCM-SIV: Nonce misuse-resistant authenticated encryption

Shay Gueron, A. Langley, Yehuda Lindell

Research output: Book/ReportReportpeer-review


This memo specifies two authenticated encryption algorithms that are nonce misuse resistant -- that is, they do not fail catastrophically if a nonce is repeated.

This document is the product of the Crypto Forum Research Group.
Original languageEnglish
StatePublished - 2019


Dive into the research topics of 'AES-GCM-SIV: Nonce misuse-resistant authenticated encryption'. Together they form a unique fingerprint.

Cite this