AES-GCM-SIV: Nonce Misuse-Resistant Authenticated Encryption

This memo specifies two authenticated encryption algorithms that are nonce misuse-resistant - that is that they do not fail catastrophically if a nonce is repeated.