Blockwise Adversarial Model for On-line Ciphers and Symmetric Encryption Schemes
This paper formalizes the security adversarial games for on-line symmetric cryptosystems in a unified framework for deterministic and probabilistic encryption schemes. On-line encryption schemes allow to encrypt messages even if the whole message is not known at the beginning of the encryption. The new introduced adversaries better capture the on-line properties than classical ones. Indeed, in the new model, the adversaries are allowed to send messages block-by-block to the encryption machine and receive the corresponding ciphertext blocks on-the-fly. This kind of attacker is called blockwise adversary and is stronger than standard one which treats messages as atomic objects.
In this paper, we compare the two adversarial models for on-line encryption schemes. For probabilistic encryption schemes, we show that security is not preserved contrary to for deterministic schemes. We prove in appendix of the full version that in this last case, the two models are polynomially equivalent in the number of encrypted blocks. Moreover in the blockwise model, a polynomial number of concurrent accesses to encryption oracles have to be taken into account. This leads to the strongest security notion in this setting. Furthermore, we show that this notion is valid by exhibiting a scheme secure under this security notion.
- 1.Bellare, M., Black, J., Krovetz, T., Rogaway, P.: OCB: A Block-Cipher Mode of Operation for Efficient Authenticated Encryption (2001), Available at http://www.cs.ucdavis.edu/users/~rogaway
- 3.Bellare, M., Desai, A., Jokipii, E., Rogaway, P.: A Concrete Security Treatment for Symmetric Encryption. In: Proc. 38th of FOCS, pp. 394–403. IEEE, Los Alamitos (1997)Google Scholar
- 4.Bellare, M., Desai, A., Pointcheval, D., Rogaway, P.: Relations Among Notions of Security for Public-Key Encryption Schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 26–45. Springer, Heidelberg (1998)Google Scholar
- 8.Dwork, C., Naor, M., Sahai, A.: Concurrent Zero-Knowledge. In: Proc. of the 30th STOC, pp. 409–418. ACM Press, New York (1998)Google Scholar
- 15.Herzberg, A., Jarecki, S., Krawczyk, H., Yung, M.: A Tweakable Enciphering Mode. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, Springer, Heidelberg (2003)Google Scholar
- 16.Housley, R.: Cryptographic message syntax. S/MIME Working Group of the IETF(March 1999), Internet-draft draft-ietf-smime-cms-12.txt
- 18.Katz, J., Yung, M.: Complete characterization of security notions for probabilistic private-key encryption. In: STOC 2000. ACM Press, New York (2000)Google Scholar
- 19.NBS. FIPS PUB 81 - DES Modes of Operation (December 1980)Google Scholar