Parallelizable Rate-1 Authenticated Encryption from Pseudorandom Functions
Kazuhiko Minematsu
- 11 May 2014
- Vol. 114, Iss: 203, pp 275-292
TL;DR: The key idea of the proposal is a novel usage of two-round Feistel permutation, where the round functions are derived from the theory of tweakable blockcipher, which attains similar characteristics as the seminal OCB mode, without using the inverse block cipher.
Abstract: This paper proposes a new scheme for authenticated encryption (AE) which is typically realized as a blockcipher mode of operation. The proposed scheme has attractive features for fast and compact operation. When it is realized with a blockcipher, it requires one blockcipher call to process one input block (i.e. rate-1), and uses the encryption function of the blockcipher for both encryption and decryption. Moreover, the scheme enables one-pass, parallel operation under two-block partition. The proposed scheme thus attains similar characteristics as the seminal OCB mode, without using the inverse blockcipher. The key idea of our proposal is a novel usage of two-round Feistel permutation, where the round functions are derived from the theory of tweakable blockcipher. We also provide basic software results, and describe some ideas on using a non-invertible primitive, such as a keyed hash function.
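The abstract's central point is that a two-round Feistel permutation over a pair of n-bit blocks is invertible even when its round functions are one-way, so both encryption and decryption need only the forward direction of the underlying primitive. The following Python toy, added here and not the paper's own construction, illustrates that structure with a keyed hash (HMAC-SHA256 truncated to one block) as the tweakable PRF, the "non-invertible primitive" option the abstract mentions. Assumptions made for the illustration: 128-bit blocks, a fixed-length nonce, the tweak encoding (nonce, pair index, round byte), a checksum-based tag tweaked with round byte 0xFF, and messages restricted to whole two-block pairs. The paper's actual mask derivation, partial-block handling and security proof are not reproduced, and no security claim is made for this toy.

```python
import hashlib
import hmac

BLOCK = 16  # assumption: 128-bit blocks, as with AES


def prf(key: bytes, tweak: bytes, x: bytes) -> bytes:
    """Tweakable PRF F_K^T(x): HMAC-SHA256 truncated to one block.
    Only the forward direction exists; nothing below ever inverts it."""
    return hmac.new(key, tweak + x, hashlib.sha256).digest()[:BLOCK]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def tweak(nonce: bytes, pair_index: int, rnd: int) -> bytes:
    """Distinct tweak per (nonce, block pair, Feistel round); illustrative encoding."""
    return nonce + pair_index.to_bytes(8, "big") + bytes([rnd])


def feistel2_enc(key, nonce, i, m1, m2):
    """Two-round Feistel on one 2n-bit block pair: (M1, M2) -> (C1, C2).
    Two PRF calls for two blocks, i.e. rate 1."""
    c1 = xor(m2, prf(key, tweak(nonce, i, 1), m1))
    c2 = xor(m1, prf(key, tweak(nonce, i, 2), c1))
    return c1, c2


def feistel2_dec(key, nonce, i, c1, c2):
    """Inverse of feistel2_enc, using the same two forward PRF calls in
    reverse order: C1 and C2 are both available, so nothing needs inverting."""
    m1 = xor(c2, prf(key, tweak(nonce, i, 2), c1))
    m2 = xor(c1, prf(key, tweak(nonce, i, 1), m1))
    return m1, m2


def _pairs(data):
    if len(data) % (2 * BLOCK):
        raise ValueError("toy restricted to whole two-block pairs")
    return [(data[j:j + BLOCK], data[j + BLOCK:j + 2 * BLOCK])
            for j in range(0, len(data), 2 * BLOCK)]


def _tag(key, nonce, plaintext):
    # Toy tag: PRF over the XOR checksum of all plaintext blocks, under a
    # tweak whose round byte (0xFF) cannot collide with a data tweak (1 or 2).
    checksum = bytes(BLOCK)
    for j in range(0, len(plaintext), BLOCK):
        checksum = xor(checksum, plaintext[j:j + BLOCK])
    return prf(key, tweak(nonce, 0, 0xFF), checksum)


def encrypt(key, nonce, plaintext):
    """One pass over the message; every pair is independent of the others,
    so the per-pair calls can run in parallel."""
    pairs = _pairs(plaintext)
    ct = b"".join(b"".join(feistel2_enc(key, nonce, i, m1, m2))
                  for i, (m1, m2) in enumerate(pairs))
    return ct + _tag(key, nonce, plaintext)


def decrypt(key, nonce, ciphertext):
    """Returns the plaintext, or None if the tag does not verify."""
    body, tag = ciphertext[:-BLOCK], ciphertext[-BLOCK:]
    pt = b"".join(b"".join(feistel2_dec(key, nonce, i, c1, c2))
                  for i, (c1, c2) in enumerate(_pairs(body)))
    if not hmac.compare_digest(tag, _tag(key, nonce, pt)):
        return None
    return pt


if __name__ == "__main__":
    key, nonce = b"k" * 32, b"n" * 12          # constructed sample inputs
    msg = bytes(range(64))
    ct = encrypt(key, nonce, msg)
    assert decrypt(key, nonce, ct) == msg
    print("roundtrip ok; no inverse primitive used anywhere")
```

The property to notice is in `feistel2_dec`: decryption recomputes the same two `prf` outputs as encryption, just in the opposite order, which is why a non-invertible primitive suffices and why an implementation never needs an inverse block cipher. Swapping `prf` for a block cipher's encryption function with the tweak folded into the input would give the rate-1 blockcipher instantiation the abstract describes.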
Citations
Breaking Symmetric Cryptosystems Using Quantum Period Finding
Marc Kaplan, Gaëtan Leurent, Anthony Leverrier, María Naya-Plasencia +3 more
- 14 Aug 2016
TL;DR: This paper considers attacks where an adversary can query an oracle implementing a cryptographic primitive in a quantum superposition of different states, and shows that the most widely used modes of operation for authentication and authenticated encryption are completely broken in this security model.
Robust Authenticated-Encryption AEZ and the Problem That It Solves
Viet Tung Hoang, Ted Krovetz, Phillip Rogaway +3 more
- 26 Apr 2015
TL;DR: AEZ is a robust authenticated-encryption scheme built from the AES round function, reaching a peak speed of about 0.7 cycles per byte (cpb) on Haswell.
Statistical Fault Attacks on Nonce-Based Authenticated Encryption Schemes
Christoph Dobraunig, Maria Eichlseder, Thomas Korak, Victor Lomné, Florian Mendel +4 more
- 04 Dec 2016
TL;DR: Differential fault attacks need faulty and fault-free computations on the same input; when targeting authenticated encryption schemes this is in practice usually precluded by the unique nonce most of these schemes require, so this work develops statistical fault attacks that do not need the repetition.
General classification of the authenticated encryption schemes for the CAESAR competition
TL;DR: This paper provides an easy-to-grasp overview over functional aspects, security parameters, and robustness offerings by the CAESAR candidates, clustered by their underlying designs (block-cipher-, stream- cipher-, permutation-/sponge-, compression-function-based, dedicated).
Metal: A Metadata-Hiding File-Sharing System.
Weikeng Chen, Raluca Ada Popa +1 more
- 01 Jan 2020
TL;DR: Metal is the first file-sharing system that hides metadata from malicious users and that has a latency of only a few seconds, which is 500× faster (in terms of amortized latency) or 10× faster than PIR-MCORAM, which does not hide user identities.
References
How to construct pseudorandom permutations from pseudorandom functions
Michael Luby, Charles Rackoff +1 more
TL;DR: Any pseudorandom bit generator can be used to construct a block private key cryptos system which is secure against chosen plaintext attack, which is one of the strongest known attacks against a cryptosystem.
Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm
Mihir Bellare, Chanathip Namprempre +1 more
- 03 Dec 2000
TL;DR: This work considers two notions of authenticity for authenticated encryption schemes, integrity of plaintexts and integrity of ciphertexts, and relates them to the standard privacy notions IND-CCA and NM-CPA through implications and separations. It then analyzes schemes built by "generic composition," meaning black-box use of a given symmetric encryption scheme and a given MAC, and indicates for each composition method whether the result meets each notion, assuming the encryption scheme is secure against chosen-plaintext attack and the MAC is unforgeable under chosen-message attack.
The security of triple encryption and a framework for code-based game-playing proofs
Mihir Bellare, Phillip Rogaway +1 more
- 28 May 2006
TL;DR: In this article, it was shown that triple encryption (the cascade of three independently-keyed blockciphers) is more secure than single or double encryption in the ideal-cipher model.
OCB: a block-cipher mode of operation for efficient authenticated encryption
Phillip Rogaway, Mihir Bellare, John Black, Ted Krovetz +3 more
- 05 Nov 2001
TL;DR: It is proved OCB secure, quantifying the adversary's ability to violate the mode's privacy or authenticity in terms of the quality of its block cipher as a pseudorandom permutation (PRP) or as a strong PRP, respectively.
Related Papers (5)
Ted Krovetz, Phillip Rogaway +1 more
- 13 Feb 2011
David McGrew, John Viega +1 more
- 20 Dec 2004
Moses Liskov, Ronald L. Rivest, David Wagner +2 more
- 18 Aug 2002