AEGIS: A Fast Authenticated Encryption Algorithm

Conference paper

DOI: 10.1007/978-3-662-43414-7_10

Part of the Lecture Notes in Computer Science book series (LNCS, volume 8282)
Cite this paper as:
Wu H., Preneel B. (2014) AEGIS: A Fast Authenticated Encryption Algorithm. In: Lange T., Lauter K., Lisoněk P. (eds) Selected Areas in Cryptography -- SAC 2013. SAC 2013. Lecture Notes in Computer Science, vol 8282. Springer, Berlin, Heidelberg


This paper introduces a dedicated authenticated encryption algorithm AEGIS; AEGIS allows for the protection of associated data which makes it very suitable for protecting network packets. AEGIS-128 uses five AES round functions to process a 16-byte message block (one step); AES-256 uses six AES round functions. The security analysis shows that both algorithms offer a high level of security. On the Intel Sandy Bridge Core i5 processor, the speed of AEGIS is around 0.7 clock cycles/byte (cpb) for 4096-byte messages. This is comparable in speed to the CTR mode (that offers only encryption) and substantially faster than the CCM, GCM and OCB modes.


Authenticated encryption AEGIS AES-NI 

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  1. 1.School of Physical and Mathematical SciencesNanyang Technological UniversityNanyang LinkSingapore
  2. 2.Dept. Elektrotechniek-ESAT/COSICKU Leuven and iMindsLeuvenBelgium

Personalised recommendations