Advertisement

Two-Pass Authenticated Encryption Faster Than Generic Composition

  • Stefan Lucks
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3557)

Abstract

This paper introduces CCFB and CCFB+H, two patent-free authenticated encryption schemes. CCFB+H also supports the authentication of associated data. Our schemes can employ any block cipher and are provably secure under standard assumptions. The schemes and their proofs of security are simple and straightforward. CCFB and CCFB+H restrict the sizes of nonce and authentication tags and can, depending on these sizes, perform significantly better than both generic composition and other two-pass schemes for authenticated encryption, such as the EAX mode.

Keywords

authenticated encryption associated data provable security OMAC 

References

  1. 1.
    Bellare, M., Rogaway, P., Wagner, D.: EAX: a conventional authenticated encryption mode. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 389–407. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  2. 2.
    Bellare, M., Rogaway, P., Wagner, D.: EAX: a conventional authenticated encryption mode. Extended version of [1], http://www.cs.berkeley.edu/~daw/papers/eax-fse04.ps
  3. 3.
    Bellare, M., Namprempre, C.: Authenticated encryption: Relations among notions and analysis of the generic composition paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, p. 531. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  4. 4.
    Gligor, V., Donescu, P.: Fast encryption and authentication: XCBC encryption and XECB authentication modes. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, p. 92. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  5. 5.
    Iwata, T., Kurosawa, K.: OMAC: One-key CBC MAC. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 129–153. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  6. 6.
    Iwata, T., Kurosawa, K.: OMAC: One-Key CBC MAC. Extended Version of [5], http://crypt.cis.ibaraki.ac.jp/omac/docs/omac.pdf
  7. 7.
    Jutla, C.S.: Encryption modes with almost free message integrity. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, p. 529. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  8. 8.
    Katz, J., Yung, M.: Unforgeable encryption and chosen ciphertext secure modes of operation. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, p. 284. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  9. 9.
    Kohno, T., Viega, J., Whiting, D.: CWC: A high-performance conventional authenticated encryption mode. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 408–426. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  10. 10.
    Kohno, T., Viega, J., Whiting, D.: CWC: a high performance conventional authenticated encryption mode. Extended version of [9], http://eprint.iacr.org/2003/106.ps.gz
  11. 11.
    McGrew, D., Viega, J.: The Security and Performance of the Galois/Counter Mode of Operation (Full Version), http://eprint.iacr.org/2004/193
  12. 12.
    Rogaway, P.: Authenticated encryption with associated data. In: Computer and Communications Security. ACM, New York (2002)Google Scholar
  13. 13.
    Rogaway, P., Bellare, M., Black, J., Krovetz, T.: OCB: A block-cipher mode of operation for efficient authenticated encryption. In: Computer and Communications Security, ACM, New York (2001)Google Scholar
  14. 14.
    Rogaway, P., Wagner, D.: A critique of CCM. Unpublished manuscript (February 2 2003), http://www.cs.berkeley.edu/~daw/papers/ccm.html
  15. 15.
    Whiting, D., Hously, R., Ferguson, N.: Counter with CBC-MAC (CCM). Submission to NISTGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Stefan Lucks
    • 1
  1. 1.University of MannheimGermany

Personalised recommendations