
URL: https://csrc.nist.gov/csrc/media/projects/block-cipher-techniques/documents/bcm/comments/cwc-gcm/ferguson2.pdf


Authentication weaknesses in GCM    10

The second weakness is that a successful forgery immediately reveals information about the authentication key. This weakness exacerbates the consequences of the first one, and leads to a complete loss of authentication security.

11 Acknowledgements

I would like to thank David Wagner, Doug Whiting, Yoshi Kohno, Josh Benaloh, David McGrew, John Viega, Dan Shumow, and Denise Ferguson for their time, insightful comments, and support.

References

[1] Brian Gladman. AES and combined encryption/authentication modes. http://fp.gladman.plus.com/AES/index.htm.

[2] Tadayoshi Kohno, John Viega, and Doug Whiting. CWC: A high-performance conventional authenticated encryption mode. http://eprint.iacr.org/2003/106/.

[3] David A. McGrew and John Viega. The Galois/Counter Mode of operation (GCM). http://csrc.nist.gov/CryptoToolkit/modes/proposedmodes/gcm/gcm-spec.pdf.

[4] David A. McGrew and John Viega. The security and performance of the Galois/Counter Mode (GCM) of operation (full version). http://eprint.iacr.org/2004/193.

Copyright © Microsoft Corp.