The lively evolution of the authenticated encryption did lead to many theoretically interesting and practically relevant results. The notion of "robustness" as the optimal security of a cryptosystem under unspecified usage conditions and usage errors has been established, but so far is considered very narrowly with a focus on "nonce misuse" (NM) and sometimes also on cases of the "release of unverified plaintexts" (RUP). The project considers a broader notion of robustness for authenticated encryption schemes. It includes forms of leakage-resilience (the optimal security of a cryptosystem in spite of side channel attacks), of key stretching (to achieve optimal security for a cryptosystem, when its keys are weak or partially compromised), and security beyond the AES-birthday-bound (128*2**64 bit). The main goals of the project are the following:1. The developement of new systems for authenticated encryption, which are both NM- and RUP-robust.2. An improved understanding of the notion of leakage-resilience, specifically with respect to leakage-resilient authenticated encryption. 3. First and fundamental results about a possible connection between the authenticated encryption of long plaintexts and implicit key stretching. 4. The search for new trade-offs regarding the developement of heavyweight software-efficient blockciphers. Such a block cipher must be highly efficient and shall, nevertheless, achieve security beyond the AES-birthday-bound.

DFG Programme Research Grants