On rate-1 and beyond-the-birthday bound secure online ciphers using tweakable block ciphers

Cryptography and Communications

Abstract

Recently, Andreeva et al. showed that online ciphers are actually equivalent to arbitrary tweak length (ATL) tweakable block ciphers (TBCs). Within this result they gave a security-preserving generic conversion from ATL TBCs to online ciphers. XTX by Minematsu and Iwata is a nice way of extending the tweak space of any fixed tweak length (FTL) TBC using a pAXU hash function. By combining the previous two methods one can get an FTL TBC based online cipher with security in the order of σ²ε, where σ is the total number of blocks in all queries and ε is the pAXU bound of the underlying hash function. In this paper we show that there are genuine practical issues which render it almost impossible to get full security using this approach. We then observe that a recent online enciphering scheme called POEx by Forler et al. is actually an implicit example of this approach. We show a flaw in the analysis of POEx which results in a birthday bound attack and invalidates the beyond-the-birthday bound OSPRP security claim. We take a slightly different approach than the one just mentioned and propose XTC, which achieves OSPRP security of O(max(nσ·2^{-n}, σ²·2^{-(n+t)})), where t is the tweak size and n is the block size. While doing so we present an impossibility result for t > n which can be of independent interest.


References

  1. Abed, F., Fluhrer, S.R., Forler, C., List, E., Lucks, S., McGrew, D.A., Wenzel, J.: Pipelineable on-line encryption. In: Fast Software Encryption - 21st International Workshop, FSE 2014, London, UK, March 3–5, 2014. Revised Selected Papers, pp 205–223 (2014)

  2. Amanatidis, G., Boldyreva, A., O'Neill, A.: Provably-secure schemes for basic query support in outsourced databases. In: Data and Applications Security XXI, Proceedings of the 21st Annual IFIP WG 11.3 Working Conference on Data and Applications Security - DBSec 2007, pp 14–30 (2007)

  3. Andreeva, E., Barwell, G., Bhaumik, R., Nandi, M., Page, D., Stam, M.: Turning online ciphers off. IACR Transactions on Symmetric Cryptology 2017(2) (2017)

  4. Andreeva, E., Bogdanov, A., Luykx, A., Mennink, B., Tischhauser, E., Yasuda, K.: Parallelizable and authenticated online ciphers. In: Proceedings of the Advances in Cryptology - ASIACRYPT 2013, Part I, pp 424–443 (2013)

  5. Andreeva, E., Luykx, A., Mennink, B., Yasuda, K.: COBRA: a parallelizable authenticated online cipher without block cipher inverse. In: 21st International Workshop on Fast Software Encryption - FSE 2014. Revised Selected Papers, pp 187–204 (2014)

  6. Bellare, M., Boldyreva, A., Knudsen, L.R., Namprempre, C.: On-line ciphers and the Hash-CBC constructions. J. Cryptol. 25(4), 640–679 (2012)

  7. Bellare, M., Kilian, J., Rogaway, P.: The security of the cipher block chaining message authentication code. J. Comput. Syst. Sci. 61(3), 362–399 (2000)

  8. Bellare, M., Rogaway, P.: The security of triple encryption and a framework for code-based game-playing proofs. In: Advances in Cryptology - EUROCRYPT 2006, Proceedings of the 25th Annual International Conference on the Theory and Applications of Cryptographic Techniques, St. Petersburg, Russia, May 28 – June 1, 2006, pp 409–426 (2006)

  9. Bernstein, D.J.: Polynomial evaluation and message authentication. http://cr.yp.to/antiforgery/pema-20071022.pdf. Accessed 27 July (2007)

  10. Bhaumik, R., Nandi, M.: OleF: an inverse-free online cipher. An online SPRP with an optimal inverse-free construction. IACR Trans. Symmetric Cryptol. 2016(2), 30–51 (2016)

  11. Black, J., Halevi, S., Krawczyk, H., Krovetz, T., Rogaway, P.: UMAC: fast and secure message authentication. In: Proceedings of the Advances in Cryptology - CRYPTO '99, pp 216–233 (1999)

  12. Boldyreva, A., Taesombut, N.: Online encryption schemes: new security notions and constructions. In: Topics in Cryptology - CT-RSA 2004, the Cryptographers' Track at the RSA Conference 2004, San Francisco, CA, USA, February 23–27, 2004, Proceedings, pp 1–14 (2004)

  13. Bossuet, L., Datta, N., Mancillas-López, C., Nandi, M.: ELmD: a pipelineable authenticated encryption and its hardware implementation. IEEE Trans. Comput. 65(11), 3318–3331 (2016)

  14. Carter, L., Wegman, M.N.: Universal classes of hash functions. J. Comput. Syst. Sci. 18(2), 143–154 (1979)

  15. Chakraborty, D., Ghosh, S., Sarkar, P.: A fast single-key two-level universal hash function. IACR Trans. Symmetric Cryptol. 2017(1), 106–128 (2017)

  16. Datta, N., Nandi, M.: ELmE: a misuse resistant parallel authenticated encryption. In: Proceedings of the 19th Australasian Conference on Information Security and Privacy - ACISP 2014, pp 306–321 (2014)

  17. Fleischmann, E., Forler, C., Lucks, S.: McOE: a family of almost foolproof on-line authenticated encryption schemes. In: Fast Software Encryption - 19th International Workshop, FSE 2012. Revised Selected Papers, pp 196–215 (2012)

  18. Forler, C., List, E., Lucks, S., Wenzel, J.: POEx: a beyond-birthday-bound-secure on-line cipher. ArcticCrypt 2016 (2016). https://www.researchgate.net/publication/299565944_POEx_A_Beyond-Birthday-Bound-Secure_On-Line_Cipher. Accessed 27 July 2017

  19. Forler, C., List, E., Lucks, S., Wenzel, J.: POEx: a beyond-birthday-bound-secure on-line cipher. Cryptogr. Commun. (2017). https://doi.org/10.1007/s12095-017-0250-9

  20. Gilbert, E.N., MacWilliams, F.J., Sloane, N.J.A.: Codes which detect deception. Bell Syst. Tech. J. 53, 405–424 (1974)

  21. Halevi, S., Krawczyk, H.: MMH: software message authentication in the Gbit/second rates. In: Proceedings of the 4th International Workshop on Fast Software Encryption, FSE '97, pp 172–189 (1997)

  22. Hoang, V.T., Reyhanitabar, R., Rogaway, P., Vizár, D.: Online authenticated-encryption and its nonce-reuse misuse-resistance. In: Proceedings of the 35th Annual Cryptology Conference on Advances in Cryptology - CRYPTO 2015, Part I, pp 493–517 (2015)

  23. Krovetz, T.: Message authentication on 64-bit architectures. In: Selected Areas in Cryptography, 13th International Workshop, SAC 2006, Revised Selected Papers, pp 327–341 (2006)

  24. Liskov, M., Rivest, R.L., Wagner, D.A.: Tweakable block ciphers. J. Cryptol. 24(3), 588–613 (2011)

  25. Luby, M., Rackoff, C.: How to construct pseudo-random permutations from pseudo-random functions (abstract). In: Proceedings of the Advances in Cryptology - CRYPTO '85, p 447 (1985)

  26. Mennink, B.: Insuperability of the standard versus ideal model gap for tweakable blockcipher security. Cryptology ePrint Archive Report 2017/474 (2017). http://eprint.iacr.org/2017/474

  27. Minematsu, K., Iwata, T.: Tweak-length extension for tweakable blockciphers. In: Proceedings of the 15th IMA International Conference on Cryptography and Coding - IMACC 2015, Oxford, UK, December 15–17, 2015, pp 77–93 (2015)

  28. Nandi, M.: A simple security analysis of Hash-CBC and a new efficient one-key online cipher. IACR Cryptology ePrint Archive 2007, 158 (2007)

  29. Nandi, M.: Two new efficient CCA-secure online ciphers: MHCBC and MCBC. In: Progress in Cryptology - INDOCRYPT 2008, Proceedings of the 9th International Conference on Cryptology in India, Kharagpur, India, December 14–17, 2008, pp 350–362 (2008)

  30. Nandi, M.: On the minimum number of multiplications necessary for universal hash functions. In: Fast Software Encryption - 21st International Workshop, FSE 2014. Revised Selected Papers, pp 489–508 (2014)

  31. Rabin, M.O., Winograd, S.: Fast evaluation of polynomials by rational preparation. Commun. Pure Appl. Math. 25(4), 433–458 (1972)

  32. Rogaway, P., Zhang, H.: Online ciphers from tweakable blockciphers. In: Topics in Cryptology - CT-RSA 2011 - the Cryptographers' Track at the RSA Conference 2011, San Francisco, CA, USA, February 14–18, 2011. Proceedings, pp 237–249 (2011)

  33. Sarkar, P.: A new multi-linear universal hash family. Des. Codes Crypt. 69(3), 351–367 (2013)

  34. Stinson, D.R.: Combinatorial techniques for universal hashing. J. Comput. Syst. Sci. 48(2), 337–346 (1994)

  35. Stinson, D.R.: Universal hashing and authentication codes. Des. Codes Crypt. 4(4), 369–380 (1994)

  36. Wegman, M.N., Carter, L.: New hash functions and their use in authentication and set equality. J. Comput. Syst. Sci. 22(3), 265–279 (1981)

  37. Winograd, S.: A new algorithm for inner product. IEEE Trans. Comput. 17(7), 693–694 (1968)

Author information

Corresponding author: Ashwin Jha.

Additional information

This article is part of the Topical Collection on Special Issue on Statistics in Design and Analysis of Symmetric Ciphers

Cite this article

Jha, A., Nandi, M. On rate-1 and beyond-the-birthday bound secure online ciphers using tweakable block ciphers. Cryptogr. Commun. 10, 731–753 (2018). https://doi.org/10.1007/s12095-017-0275-0

DOI: https://doi.org/10.1007/s12095-017-0275-0