@techreport{irtf-cfrg-aead-limits-09, number = {draft-irtf-cfrg-aead-limits-09}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-irtf-cfrg-aead-limits/09/}, author = {Felix Günther and Martin Thomson and Christopher A. Wood}, title = {{Usage Limits on AEAD Algorithms}}, pagetotal = 20, year = 2024, month = oct, day = 9, abstract = {An Authenticated Encryption with Associated Data (AEAD) algorithm provides confidentiality and integrity. Excessive use of the same key can give an attacker advantages in breaking these properties. This document provides simple guidance for users of common AEAD functions about how to limit the use of keys in order to bound the advantage given to an attacker. It considers limits in both single- and multi-key settings.}, }