scholarly journals Tweakable Blockciphers with Beyond Birthday-Bound Security

2012 ◽  
pp. 14-30 ◽  
Author(s):  
Will Landecker ◽  
Thomas Shrimpton ◽  
R. Seth Terashima
Keyword(s):  
Beyond Birthday Bound ◽  
Tweakable Blockciphers

scholarly journals Tweakable Blockciphers for Efficient Authenticated Encryptions with Beyond the Birthday-Bound Security

2017 ◽  
pp. 1-26 ◽  
Author(s):  
Yusuke Naito
Keyword(s):  
Modular Design ◽  
Data Block ◽  
Authenticated Encryption ◽  
Pseudorandom Permutation ◽  
Beyond Birthday Bound ◽  
Tweakable Blockciphers ◽  
Associated Data

Modular design via a tweakable blockcipher (TBC) offers efficient authenticated encryption (AE) schemes (with associated data) that call a blockcipher once for each data block (of associated data or a plaintext). However, the existing efficient blockcipher-based TBCs are secure up to the birthday bound, where the underlying keyed blockcipher is a secure strong pseudorandom permutation. Existing blockcipher-based AE schemes with beyond-birthday-bound (BBB) security are not efficient, that is, a blockcipher is called twice or more for each data block. In this paper, we present a TBC, XKX, that offers efficient blockcipher-based AE schemes with BBB security, by combining with efficient TBC-based AE schemes such as ΘCB3 and

scholarly journals Turning Online Ciphers Off

2017 ◽  
pp. 105-142
Author(s):  
Elena Andreeva ◽  
Guy Barwell ◽  
Ritam Bhaumik ◽  
Mridul Nandi ◽  
Dan Page ◽  
...  
Keyword(s):  
Variable Length ◽  
Close Relationship ◽  
Beyond Birthday Bound ◽  
Tweakable Blockciphers ◽  
Full Proof ◽  
Provably Secure

CAESAR has caused a heated discussion regarding the merits of one-pass encryption and online ciphers. The latter is a keyed, length preserving function which outputs ciphertext blocks as soon as the respective plaintext block is available as input. The immediacy of an online cipher affords a clear performance advantage, but it comes at a price: ciphertext blocks cannot depend on later plaintext blocks, limiting diffusion and hence security. We show how one can attain the best of both worlds by providing provably secure constructions, achieving full cipher security, based on applications of an online cipher around blockwise reordering layers. Explicitly, we show that with just two calls to the online cipher, prp security up to the birthday bound is both attainable and maximal. Moreover, we demonstrate that three calls to the online cipher suffice to obtain beyond birthday bound security. We provide a full proof of this for a prp construction, and, in the ±prp setting, security against adversaries who make queries of any single length. As part of our investigation, we extend an observation by Rogaway and Zhang by further highlighting the close relationship between online ciphers and tweakable blockciphers with variable-length tweaks.

scholarly journals Generic Attacks Against Beyond-Birthday-Bound MACs

2018 ◽  
pp. 306-336 ◽  
Author(s):  
Gaëtan Leurent ◽  
Mridul Nandi ◽  
Ferdinand Sibleyras
Keyword(s):  
Generic Attacks ◽  
Beyond Birthday Bound

scholarly journals Single Key Variant of PMAC_Plus

2017 ◽  
pp. 268-305 ◽  
Author(s):  
Nilanjan Datta ◽  
Avijit Dutta ◽  
Mridul Nandi ◽  
Goutam Paul ◽  
Liting Zhang
Keyword(s):  
Standard Model ◽  
Design Principle ◽  
Block Cipher ◽  
Black Box ◽  
Arbitrary Field ◽  
Message Authentication ◽  
Message Authentication Code ◽  
Authentication Code ◽  
Parallel Network ◽  
Beyond Birthday Bound

At CRYPTO 2011, Yasuda proposed the PMAC_Plus message authentication code based on an n-bit block cipher. Its design principle inherits the well known PMAC parallel network with a low additional cost. PMAC_Plus is a rate-1 construction like PMAC (i.e., one block cipher call per n-bit message block) but provides security against all adversaries (under black-box model) making queries altogether consisting of roughly upto 22n/3 blocks (strings of n-bits). Even though PMAC_Plus gives higher security than the standard birthday bound security, with currently available best bound, it provides weaker security than PMAC for certain choices of adversaries. Moreover, unlike PMAC, PMAC_Plus operates with three independent block cipher keys. In this paper, we propose 1k-PMAC_Plus, the first rate-1 single keyed block cipher based BBB (Beyond Birthday Bound) secure (in standard model) deterministic MAC construction without arbitrary field multiplications. 1k-PMAC_Plus, as the name implies, is a simple one-key variant of PMAC_Plus. In addition to the key reduction, we obtain a higher security guarantee than what was proved originally for PMAC_Plus, thus an improvement in two directions.

Sign in / Sign up

Export Citation Format

Share Document