Comparison of AE schemes that provide BBB security. “” means can be reduced to . “n.r.” denotes nonce-respecting and “n.m.” denotes nonce-misuse. “PRP” stands for pseudorandom permutation, “TPRP” stands for tweakable PRP, and “PRF” stands for pseudorandom function. Let be the block length of the plaintext and be the block length of associated data. Let be two integers. Let stand for approximately equal to. For example, ≃128 means that it is approximately equal to 128.