On Symmetric Encryption with Distinguishable Decryption Failures

  • Alexandra Boldyreva
  • Jean Paul Degabriele
  • Kenneth G. Paterson
  • Martijn Stam
Conference paper

DOI: 10.1007/978-3-662-43933-3_19

Volume 8424 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Boldyreva A., Degabriele J.P., Paterson K.G., Stam M. (2014) On Symmetric Encryption with Distinguishable Decryption Failures. In: Moriai S. (eds) Fast Software Encryption. FSE 2013. Lecture Notes in Computer Science, vol 8424. Springer, Berlin, Heidelberg

Abstract

We propose to relax the assumption that decryption failures are indistinguishable in security models for symmetric encryption. Our main purpose is to build models that better reflect the reality of cryptographic implementations, and to surface the security issues that arise from doing so. We systematically explore the consequences of this relaxation, with some surprising consequences for our understanding of this basic cryptographic primitive. Our results should be useful to practitioners who wish to build accurate models of their implementations and then analyse them. They should also be of value to more theoretical cryptographers proposing new encryption schemes, who, in an ideal world, would be compelled by this work to consider the possibility that their schemes might leak more than simple decryption failures.

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • Alexandra Boldyreva
    • 1
  • Jean Paul Degabriele
    • 2
  • Kenneth G. Paterson
    • 2
  • Martijn Stam
    • 3
  1. 1.Georgia Institute of TechnologyAtlantaUSA
  2. 2.Royal HollowayUniversity of LondonLondonUK
  3. 3.University of BristolBristolUK