Improved Authenticity Bound of EAX, and Refinements
EAX is a mode of operation for blockciphers that implements authenticated encryption. The original EAX paper proved that EAX is unforgeable up to O(2^{n/2}) data with one verification query. However, this generally guarantees only a rather weak bound for unforgeability under multiple verification queries, i.e., only O(2^{n/3}) data is acceptable.
This paper provides an improvement over the previous security proof by showing that EAX is unforgeable up to O(2^{n/2}) data with multiple verification queries. Our security proof is based on the techniques that appeared in a paper at FSE 2013 by Minematsu et al., which studied the security of a variant of EAX called EAX-prime. We also provide some ideas to reduce the complexity of EAX while keeping our new security bound. In particular, EAX needs three blockcipher calls, whose outputs are kept in memory, as pre-processing; our proposals effectively reduce these three calls to one. This would be useful when computational power and memory are constrained.
Keywords: Authenticated encryption, EAX, security bound
- 1. Bouncy Castle, http://www.bouncycastle.org/
- 2. Information technology - Security techniques - Authenticated encryption. ISO/IEC 19772:2009 (2009)
- 3. Bellare, M., Goldreich, O., Mityagin, A.: The Power of Verification Queries in Message Authentication and Authenticated Encryption. Cryptology ePrint Archive, Report 2004/309 (2004), http://eprint.iacr.org/
- 4. Bellare, M., Rogaway, P., Wagner, D.: The EAX Mode of Operation (A Two-Pass Authenticated-Encryption Scheme Optimized for Simplicity and Efficiency), http://www.cs.ucdavis.edu/~rogaway/papers/eax.pdf
- 5. Bellare, M., Rogaway, P., Wagner, D.: The EAX Mode of Operation. In: Roy, Meier (eds.), pp. 389–407
- 8. Dai, W.: Crypto++ Library, http://www.cryptopp.com/
- 9. Gladman, B.: http://www.gladman.me.uk/
- 12. Minematsu, K., Lucks, S., Iwata, T.: Improved Authenticity Bound of EAX, and Refinements. Full version of Provable Security 2013 (2013), http://eprint.iacr.org/
- 13. Minematsu, K., Lucks, S., Morita, H., Iwata, T.: Attacks and Security Proofs of EAX-Prime. Pre-proceedings of Fast Software Encryption 2013 (2013), full version available at http://eprint.iacr.org/2012/018
- 15. Rogaway, P.: Nonce-Based Symmetric Encryption. In: Roy, Meier (eds.), pp. 348–359
- 18. Zeng, G., Han, W., He, K.: High Efficiency Feedback Shift Register: σ-LFSR. Cryptology ePrint Archive, Report 2007/114 (2007), http://eprint.iacr.org/