Selected Areas in Cryptography

Volume 3357 of the series Lecture Notes in Computer Science pp 212-226

Blockwise Adversarial Model for On-line Ciphers and Symmetric Encryption Schemes

  • Pierre-Alain FouqueAffiliated withDépartement d’Informatique, École normale supérieure
  • , Antoine JouxAffiliated withDCSSI CryptoLab
  • , Guillaume PoupardAffiliated withDCSSI CryptoLab

* Final gross prices may vary according to local VAT.

Get Access


This paper formalizes the security adversarial games for on-line symmetric cryptosystems in a unified framework for deterministic and probabilistic encryption schemes. On-line encryption schemes allow to encrypt messages even if the whole message is not known at the beginning of the encryption. The new introduced adversaries better capture the on-line properties than classical ones. Indeed, in the new model, the adversaries are allowed to send messages block-by-block to the encryption machine and receive the corresponding ciphertext blocks on-the-fly. This kind of attacker is called blockwise adversary and is stronger than standard one which treats messages as atomic objects.

In this paper, we compare the two adversarial models for on-line encryption schemes. For probabilistic encryption schemes, we show that security is not preserved contrary to for deterministic schemes. We prove in appendix of the full version that in this last case, the two models are polynomially equivalent in the number of encrypted blocks. Moreover in the blockwise model, a polynomial number of concurrent accesses to encryption oracles have to be taken into account. This leads to the strongest security notion in this setting. Furthermore, we show that this notion is valid by exhibiting a scheme secure under this security notion.