Paper 2025/1235
HiAE Remains Secure in Its Intended Model: A Clarification of Claimed Attacks
Abstract
HiAE is a recently proposed high-throughput authenticated encryption algorithm that achieves exceptional performance on both x86 and ARM architectures. Following its publication, several cryptanalysis papers have claimed that HiAE’s 256-bit encryption security is broken under the nonce-respecting model. In this note, we clarify that the claimed attacks rely critically on submitting forged-tag decryption queries — a type of behavior explicitly excluded by HiAE’s original security model. HiAE was designed under a standard nonce-based AEAD setting without decryption oracle access, offering 256-bit security against key and state recovery, and 128-bit security against forgery. This design approach follows the same principle as well-known schemes such as AEGIS and MORUS. The conclusion that HiAE is broken is based on a misinterpretation of its security model, as the attacks rely on conditions that the design explicitly excludes.
Metadata
- Available format(s)
-
PDF
- Category
- Secret-key cryptography
- Publication info
- Preprint.
- Keywords
- Authenticated EncryptionHiAE
- Contact author(s)
-
concyclics @ gmail com
huangtao80 @ huawei com
pham phuong @ huawei com
Wu Shuang @ huawei com - History
- 2025-07-09: revised
- 2025-07-03: received
- See all versions
- Short URL
- https://ia.cr/2025/1235
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2025/1235,
author = {Han Chen and Tao Huang and Phuong Pham and Shuang Wu},
title = {{HiAE} Remains Secure in Its Intended Model: A Clarification of Claimed Attacks},
howpublished = {Cryptology {ePrint} Archive, Paper 2025/1235},
year = {2025},
url = {https://eprint.iacr.org/2025/1235}
}
