The FCM Scheme for Authenticated Encryption

We propose an advanced authenticated encryption with associated data (AEAD) scheme called FCM (compression Function/Counter Mode) based on a compression function required to be a pseudorandom function (PRF) against related key attacks. FCM adopts the stream cipher generated by parallel compression function to encrypt plaintexts, and then utilizes compression Function-based MAC (FMAC) to produce the authentication tag, in which FMAC is a variant of the Merkle-Damgard construction with a permutation. In this structure, FCM successfully avoids introducing the string representing lengths of plaintext and associated data in the generation of the authentication tag, which is a shortage in Galois/Counter Mode (GCM) especially for short message. Then we analyze the security of FCM from two aspects of encryption and authentication based on secure underlying primitives. At last features of FCM are summarized and compared with GCM.