Score:1

What are the differences between the various Authenticated Encryption schemes using Keccak?

in flag

Keccak - as used in SHA-3 / SHAKE amongst others - can also be used for authenticated encryption.

However, there already seem multiple schemes defined for it, including their own implementations:

  1. Ketje:

    1. Kejte Jr;
    2. Kejte Sr;
    3. Kejte Minor and
    4. Kejte Major
  2. Kravatte (excluding the deprecated/broken schemes):

    1. Kravatte-SANE and
    2. Kravatte-SANSE (SIV)
  3. Keyak:

    1. River Keyak;
    2. Lake Keyak;
    3. Sea Keyak;
    4. Ocean Keyak and
    5. Lunar Keyak.
  4. Motorist (based on Keyak, same paper)

So why are there so many different authentication schemes, how do they differ? Kravatte is part of an embedded framework that provides a single function for everything, but there seems to be no explanation why Ketje exists next to Keyak, or why Motorist doesn't completely replace Keyak.

Are there any objective reasons to choose one over the other? Which one, for instance, would be a good generic AEAD scheme to use together with a PQC KEM?

Maarten Bodewes avatar
in flag
If the last part of my question is too much please indicate.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.