Encryption Modes with Almost Free Message Integrity

  • Charanjit S. Jutla
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2045)


We define a new mode of operation for block encryption which, in addition to assuring confidentiality, also assures message integrity. In contrast, message integrity previously required a separate pass to compute a cryptographic message authentication code (MAC). The new mode of operation, called Integrity Aware CBC (IACBC), requires a total of m + 2 block encryptions on a plaintext of length m blocks. The well-known CBC (cipher block chaining) mode requires m block encryptions. The second pass of computing the CBC-MAC essentially requires an additional m block encryptions. A new highly parallelizable mode (IAPM) is also shown to be secure for both encryption and message integrity.


Keywords: Encryption Scheme; Block Cipher; Message Authentication Code; Cryptographic Operation; Encryption Mode
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



Copyright information

© Springer-Verlag Berlin Heidelberg 2001

Authors and Affiliations

  • Charanjit S. Jutla (1)
  1. IBM T. J. Watson Research Center, Yorktown Heights
