International Conference on the Theory and Application of Cryptology and Information Security

ASIACRYPT 2000: Advances in Cryptology — ASIACRYPT 2000, pp 531–545

Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm


  • Mihir Bellare &
  • Chanathip Namprempre
  • Conference paper
  • First Online: 27 October 2000

Part of the Lecture Notes in Computer Science book series (LNCS, volume 1976)

Abstract

We consider two possible notions of authenticity for symmetric encryption schemes, namely integrity of plaintexts and integrity of ciphertexts, and relate them to the standard notions of privacy for symmetric encryption schemes by presenting implications and separations between all notions considered. We then analyze the security of authenticated encryption schemes designed by “generic composition,” meaning making black-box use of a given symmetric encryption scheme and a given MAC. Three composition methods are considered, namely Encrypt-and-MAC plaintext, MAC-then-encrypt, and Encrypt-then-MAC. For each of these, and for each notion of security, we indicate whether or not the resulting scheme meets the notion in question assuming the given symmetric encryption scheme is secure against chosen-plaintext attack and the given MAC is unforgeable under chosen-message attack. We provide proofs for the cases where the answer is “yes” and counter-examples for the cases where the answer is “no.”

Keywords

  • Encryption Scheme
  • Authentication Scheme
  • Symmetric Encryption
  • Composition Method
  • Choose Ciphertext Attack

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Author information

Authors and Affiliations

  1. Dept. of Computer Science & Engineering, University of California at San Diego, 9500 Gilman Drive, La Jolla, California, 92093, USA

    Mihir Bellare & Chanathip Namprempre


Editor information

Editors and Affiliations

  1. NTT Laboratories, Nippon Telegraph and Telephone Corporation, 1-1, Hikarinooka, Yokosuka-shi, 239-0847, Kanagawa-ken, Japan

    Tatsuaki Okamoto


Copyright information

© 2000 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Bellare, M., Namprempre, C. (2000). Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm. In: Okamoto, T. (eds) Advances in Cryptology — ASIACRYPT 2000. ASIACRYPT 2000. Lecture Notes in Computer Science, vol 1976. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44448-3_41

  • DOI: https://doi.org/10.1007/3-540-44448-3_41

  • Published: 27 October 2000

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-41404-9

  • Online ISBN: 978-3-540-44448-0

  • eBook Packages: Springer Book Archive
