AES-GCM-SIV: Nonce Misuse-Resistant Authenticated Encryption
This memo specifies two authenticated encryption algorithms that are nonce misuse resistant -- that is, they do not fail catastrophically if a nonce is repeated.
This document is the product of the Crypto Forum Research Group.