From Syllab
Jump to: navigation, search

SHELL is a nonce-based software oriented authenticated encryption scheme designed by Lei Wang.



SHELL is a block-cipher-based mode operation. It utilizes a block cipher and a set of differentially-uniform auxiliary permutations. The overview of SHELL is shown below.

Shell overview.png


  • Block-cipher-based Mode Operation
  • Provable secure beyond birthday bound
  • Failure-friendly for nonce-misuse


The submission document to CAESAR competition can be found here.

The revised (April 11, 2014) document can be found here: several typos are corrected. Some inconsistencies between text and the figures (Figures 1.3, 1.11 and 1.14, 1.16) are corrected. Also the authenticity security claim for SHELL mode is upated (Table 2.1).

The tweaked (August 29, 2015) document can be found here

Reference Code

The reference code can be download from here