Blockwise Adversarial Model for On-line Ciphers and Symmetric Encryption Schemes

  • Pierre-Alain Fouque
  • Antoine Joux
  • Guillaume Poupard
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3357)

Abstract

This paper formalizes the security adversarial games for on-line symmetric cryptosystems in a unified framework for deterministic and probabilistic encryption schemes. On-line encryption schemes allow to encrypt messages even if the whole message is not known at the beginning of the encryption. The new introduced adversaries better capture the on-line properties than classical ones. Indeed, in the new model, the adversaries are allowed to send messages block-by-block to the encryption machine and receive the corresponding ciphertext blocks on-the-fly. This kind of attacker is called blockwise adversary and is stronger than standard one which treats messages as atomic objects.

In this paper, we compare the two adversarial models for on-line encryption schemes. For probabilistic encryption schemes, we show that security is not preserved contrary to for deterministic schemes. We prove in appendix of the full version that in this last case, the two models are polynomially equivalent in the number of encrypted blocks. Moreover in the blockwise model, a polynomial number of concurrent accesses to encryption oracles have to be taken into account. This leads to the strongest security notion in this setting. Furthermore, we show that this notion is valid by exhibiting a scheme secure under this security notion.

References

  1. 1.
    Bellare, M., Black, J., Krovetz, T., Rogaway, P.: OCB: A Block-Cipher Mode of Operation for Efficient Authenticated Encryption (2001), Available at http://www.cs.ucdavis.edu/users/~rogaway
  2. 2.
    Bellare, M., Boldyreva, A., Knudsen, L., Namprempre, C.: On-Line Ciphers and the Hash-CBC Constructions. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 292–309. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  3. 3.
    Bellare, M., Desai, A., Jokipii, E., Rogaway, P.: A Concrete Security Treatment for Symmetric Encryption. In: Proc. 38th of FOCS, pp. 394–403. IEEE, Los Alamitos (1997)Google Scholar
  4. 4.
    Bellare, M., Desai, A., Pointcheval, D., Rogaway, P.: Relations Among Notions of Security for Public-Key Encryption Schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 26–45. Springer, Heidelberg (1998)Google Scholar
  5. 5.
    Bellare, M., Rogaway, P.: On the Construction of Variable-Input-Length Ciphers. In: Knudsen, L.R. (ed.) FSE 1999. LNCS, vol. 1636, p. 231. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  6. 6.
    Boldyreva, A., Taesombut, N.: Online Encryption Schemes: New Security Notions and Constructions. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 1–14. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  7. 7.
    Dodis, Y., An, J.H.: Concealment and Its Applications to Authenticated Encryption. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 312–329. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  8. 8.
    Dwork, C., Naor, M., Sahai, A.: Concurrent Zero-Knowledge. In: Proc. of the 30th STOC, pp. 409–418. ACM Press, New York (1998)Google Scholar
  9. 9.
    Fouque, P.A., Joux, A., Martinet, G., Valette, F.: Authenticated On-line Encryption. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  10. 10.
    Fouque, P.A., Martinet, G., Poupard, G.: Practical Symmetric On-Line Encryption. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 362–375. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  11. 11.
    Fouque, P.A., Joux, A., Poupard, G.: Blockwise adversarial model for on-line ciphers and symmetric encryption schemes. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 212–226. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  12. 12.
    Goldreich, O.: Basic Tools. Foundations of Cryptography. Weizmann Institute of Science, Cambridge University Press, Cambridge (2001)MATHCrossRefGoogle Scholar
  13. 13.
    Goldreich, O., Goldwasser, S., Micali, S.: How to Construct Random Functions. Journal of the ACM 33(4), 210–217 (1986)CrossRefMathSciNetGoogle Scholar
  14. 14.
    Goldwasser, S., Micali, S.: Probabilistic encryption. Journal of Computer and System Sciences 28, 270–299 (1984)MATHCrossRefMathSciNetGoogle Scholar
  15. 15.
    Herzberg, A., Jarecki, S., Krawczyk, H., Yung, M.: A Tweakable Enciphering Mode. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, Springer, Heidelberg (2003)Google Scholar
  16. 16.
    Housley, R.: Cryptographic message syntax. S/MIME Working Group of the IETF(March 1999), Internet-draft draft-ietf-smime-cms-12.txt
  17. 17.
    Joux, A., Martinet, G., Valette, F.: Blockwise-Adaptive Attackers: Revisiting the (in)security of some provably secure Encryptions Modes: CBC, GEM, IACBC. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 17–31. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  18. 18.
    Katz, J., Yung, M.: Complete characterization of security notions for probabilistic private-key encryption. In: STOC 2000. ACM Press, New York (2000)Google Scholar
  19. 19.
    NBS. FIPS PUB 81 - DES Modes of Operation (December 1980)Google Scholar
  20. 20.
    Rivest, R.L.: All-or-nothing encryption and the package transform. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 210–218. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  21. 21.
    Shoup, V.: OAEP Reconsidered. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 239–259. Springer, Heidelberg (2001)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Pierre-Alain Fouque
    • 1
  • Antoine Joux
    • 2
  • Guillaume Poupard
    • 2
  1. 1.Département d’InformatiqueÉcole normale supérieureParis 5France
  2. 2.DCSSI CryptoLabParis SPFrance

Personalised recommendations