Abstract
We present the eXtended Ciphertext Block Chaining (XCBC) and the eXtended Electronic Codebook (XECB) encryption schemes or modes of encryption that can detect encrypted-message forgeries with high probability even when used with typical non-cryptographic Manipulation Detection Code (MDC) functions (e.g., bitwise exclusive-or and cyclic redundancy code (CRC) functions). These modes detect encrypted-message forgeries at low cost in performance, power, and implementation, and preserve both message secrecy and integrity in a single pass over the message data. Their performance and security scale directly with those of the underlying block cipher function. We also present the XECB message authentication (XECB-MAC) modes that have all the operational properties of the XOR-MAC modes (e.g., fully parallel and pipelined operation, incremental updates, and out-of-order verification), and have better performance. They are intended for use either stand-alone or with encryption modes that have similar properties (e.g., counter-based XOR encryption). However, the XECB-MAC modes have higher upper bounds on the probability of an adversary's success in producing a forgery than the XOR-MAC modes.
This work was performed while this author was on sabbatical leave from the University of Maryland, Department of Electrical and Computer Engineering, College Park, Maryland 20742.
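The abstract names three operational properties that XECB-MAC shares with the XOR-MAC modes: parallel computation, incremental updates, and out-of-order verification. The following is an added example, not code from the paper or its authors, and it shows the XOR-MAC construction (the reference point the abstract compares against) rather than XECB-MAC itself, whose construction the page does not give. It assumes HMAC-SHA256 as a stand-in for the block-cipher-based pseudorandom function, 16-byte blocks, and a length field bound into the nonce term (that length binding is an assumption added here, not part of the original XOR-MAC description). All keys, nonces and messages are constructed sample values.

```python
"""XOR-MAC illustration (constructed example, not the paper's XECB-MAC).

Tag = F_K(0 || nonce || len)  XOR  XOR_i F_K(1 || i || M_i)

F_K is instantiated as HMAC-SHA256 (assumption; the reference construction
uses a block-cipher-based PRF).  Each per-block term depends only on its own
block and index, which is what yields parallel computation, out-of-order
verification and constant-cost incremental updates.
"""
import hashlib
import hmac
from typing import Iterable, List, Tuple

BLOCK_SIZE = 16  # assumed block length in bytes


def prf(key: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 stands in for the PRF F_K (assumption).
    return hmac.new(key, data, hashlib.sha256).digest()


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def split_blocks(message: bytes) -> List[Tuple[int, bytes]]:
    """Index the message blocks; the last block is zero-padded (the byte
    length is bound separately in the nonce term)."""
    return [(i, message[off:off + BLOCK_SIZE].ljust(BLOCK_SIZE, b"\x00"))
            for i, off in enumerate(range(0, len(message), BLOCK_SIZE))]


def block_term(key: bytes, index: int, block: bytes) -> bytes:
    """Per-block term F_K(1 || index || block).  It depends only on this block,
    so terms can be computed in parallel and combined in any order."""
    padded = block.ljust(BLOCK_SIZE, b"\x00")
    return prf(key, b"\x01" + index.to_bytes(8, "big") + padded)


def nonce_term(key: bytes, nonce: bytes, length: int) -> bytes:
    """Randomizer term F_K(0 || nonce || length).  Binding the length is an
    assumption added here so that truncation or trailing zero bytes change
    the tag."""
    return prf(key, b"\x00" + nonce + length.to_bytes(8, "big"))


def tag_from_blocks(key: bytes, indexed_blocks: Iterable[Tuple[int, bytes]],
                    length: int, nonce: bytes) -> bytes:
    """Compute the tag from (index, block) pairs supplied in ANY order.
    XOR is commutative, so a verifier that receives blocks out of order
    (or processes them on several cores) gets the same result."""
    tag = nonce_term(key, nonce, length)
    for index, block in indexed_blocks:
        tag = _xor(tag, block_term(key, index, block))
    return tag


def xor_mac(key: bytes, message: bytes, nonce: bytes) -> bytes:
    """Tag a whole message (sequential convenience wrapper)."""
    return tag_from_blocks(key, split_blocks(message), len(message), nonce)


def verify(key: bytes, message: bytes, nonce: bytes, tag: bytes) -> bool:
    """Constant-time comparison of the recomputed tag against the received one."""
    return hmac.compare_digest(xor_mac(key, message, nonce), tag)


def incremental_update(key: bytes, tag: bytes, index: int,
                       old_block: bytes, new_block: bytes) -> bytes:
    """Replace block `index` without re-reading the message: cancel the old
    per-block term and add the new one.  Cost is two PRF calls regardless of
    message length; the nonce term is left unchanged."""
    tag = _xor(tag, block_term(key, index, old_block))
    return _xor(tag, block_term(key, index, new_block))


if __name__ == "__main__":
    key = bytes(range(32))            # constructed sample key
    nonce = b"\x42" * 16              # constructed sample nonce
    msg = bytes(range(48))            # constructed 3-block message
    tag = xor_mac(key, msg, nonce)
    print("verify original:", verify(key, msg, nonce, tag))
    # Out-of-order verification: feed the blocks reversed.
    print("reversed blocks match:",
          tag_from_blocks(key, reversed(split_blocks(msg)), len(msg), nonce) == tag)
    # Incremental update of block 1, then check it equals a full recomputation.
    new_block = b"\x99" * BLOCK_SIZE
    msg2 = msg[:16] + new_block + msg[32:]
    tag2 = incremental_update(key, tag, 1, msg[16:32], new_block)
    print("incremental == recompute:", tag2 == xor_mac(key, msg2, nonce))
    print("old tag rejects modified message:", not verify(key, msg2, nonce, tag))
```

The per-block term is keyed on the block index as well as the block contents, so swapping two blocks of equal value at different positions changes the tag; the length field in the nonce term is what stops an attacker from silently dropping a trailing all-zero block.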
© 2002 Springer-Verlag Berlin Heidelberg
Cite this paper
Gligor, V.D., Donescu, P. (2002). Fast Encryption and Authentication: XCBC Encryption and XECB Authentication Modes. In: Matsui, M. (eds) Fast Software Encryption. FSE 2001. Lecture Notes in Computer Science, vol 2355. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45473-X_8
DOI: https://doi.org/10.1007/3-540-45473-X_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-43869-4
Online ISBN: 978-3-540-45473-1