Breadcrumb navigation

NEC discovers vulnerability in OCB2 encryption leading to its removal from ISO standard

Paper on the vulnerability and repair wins Best Paper award at CRYPTO 2019

Tokyo, August 20, 2019 - NEC Corporation (NEC; TSE: 6701) today announced that it has discovered vulnerabilities in the ISO-standard OCB2 encryption scheme in cooperation with partners that include Nagoya University. OCB2 is not a widely used technology, however, NEC reported the discovery to ISO to prevent any possible effects on society. Consequently, ISO/IEC has announced the removal of OCB2 from the ISO standard(*1). The paper describing the details of the vulnerabilities and ways to fix them has received the Best Paper award at the CRYPTO 2019 conference organized by the International Association for Cryptologic Research(*2). CRYPTO 2019 is being held from August 18-22 in Santa Barbara, California, USA.

CRYPTO is the most prestigious international conference in the field of cryptography. The Best Paper award was given in recognition of the authors having proven that confidentiality and authenticity breaks in the high-profile OCB2 encryption scheme are possible using attacks with minimal computational complexity.

"Encryption underpins the core of social infrastructures, so that assessing the safety of encryption technologies is essential. NEC has presented many papers on cryptography research in authoritative international conferences around the world and is a technological leader in this field," said Mikiya Tani, General Manager, Security Research Laboratories, NEC Corporation.

Overview of the award:

  • (1)
    Best Paper Award
    Cryptanalysis of OCB2: Attacks on Authenticity and Confidentiality
  • (2)
    Akiko Inoue, Security Research Laboratories, NEC Corporation
    Kazuhiko Minematsu, Security Research Laboratories, NEC Corporation
    Tetsu Iwata, Nagoya University
    Bertram Poettering, for his work at Royal Holloway, University of London. Currently with IBM Research Zurich
  • (3)
    The paper is the first report about the discovery of minor errors in the logic for the mathematical security proof of OCB2, pointing out vulnerabilities resulting from these security errors. The authors showed that cryptanalysis is carried out almost instantaneously. They also proposed ways to fix OCB2 so that the security proof functions properly.

OCB3, which is an improved version of OCB2, is not affected by the attacks because of its different security proof logic.


About NEC Corporation
NEC Corporation is a leader in the integration of IT and network technologies that benefit businesses and people around the world. The NEC Group globally provides "Solutions for Society" that promote the safety, security, efficiency and equality of society. Under the company's corporate message of "Orchestrating a brighter world," NEC aims to help solve a wide range of challenging issues and to create new social value for the changing world of tomorrow. For more information, visit NEC at

Orchestrating a brighter world

NEC is a registered trademark of NEC Corporation. All Rights Reserved. Other product or service marks mentioned herein are the trademarks of their respective owners. © NEC Corporation.