Abstract
Here, we present a generalized notion of online modes of encryption that make one call to a pseudorandom permutation per block of plaintext. This generalization, called “Canonical Form,” not only allows for modes of encryption to be written in a common format, but provides for easy proofs of blockwise-adaptive chosen-plaintext (BACPA) security/insecurity.
We also develop necessary and sufficient conditions for security of a mode of encryption in Canonical Form. As an application, we write ten modes of encryption in Canonical Form, and we prove the security status (under BACPA) of nine of them. While most of these modes already had proven BACPA security status in previously published papers, it is hoped the more general method specified here will be of use in writing simpler proofs for other modes, including modes of encryption yet to be developed.
BACPA is a model for adversaries slightly more powerful than those in traditional chosen-plaintext attack. In particular, instead of forcing the target to encrypt messages of his/her own choosing, the attacker can insert blocks of his/her own choosing into the target’s messages [JMV02]. Some modes of encryption which are secure against traditional CPA, for example the ubiquitous Cipher Block Chaining (CBC), are insecure against BACPA. Several papers have been written to explore BACPA and modes of encryption under it.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bard, G.: A challenging but feasible blockwise-adaptive chosen-plaintext attack on ssl. In: ICETE/SECRYPT 2006. Proc. IEEE International Conference on Security and Cryptography (2006), http://eprint.iacr.org/2006/136
Bard, G.: Modes of encryption secure against blockwise-adaptive chosen-plaintext attack. Cryptology ePrint Archive, Report 2006/271 (2006), http://eprint.iacr.org/2006/271 and http://www.math.umd.edu/~bardg (March 26, 2004)
Bellare, M., Boldyreva, A., Knudsen, L., Namprempre, C.: On-line ciphers, and the hash-cbc constructions. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, Springer, Heidelberg (2001)
Bellare, M., Desai, A., Jokipii, E., Rogaway, P.: A concrete security treatment of symmetric encryption: Analysis of the des modes of operation. In: FOCS 1997. Proc. of the 38th Annual IEEE Symposium on Foundations of Computer Science (1997)
Bellare, M., Kohno, T., Namprempe, C.: Authenticated encryption in ssh: Provably fixing the ssh binary packet protocol. In: CCS 2002. Proc. Ninth ACM Conference on Computer And Communications Security (2002)
Black, J., Rogaway, P., Shrimpton, T.: Encryption-scheme security in the presence of key-dependent messages. In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595, Springer, Heidelberg (2003)
Boldyreva, A., Taesombut, N.: on-line encryption schemes: New security notions and constructions. In: RSA 2004. Proc. RSA Conference, Cryptographer’s Track (2004)
Campbell, C.: Design and specification of cryptographic capabilities. Technical report, US Department of Commerce (1978)
Cover, T., Thomas, J.: Information Theory, 2nd edn. Wiley-Interscience, Chichester (2006)
Fouque, P., Joux, A., Martinet, G., Valette, F.: Authenticated on-line encryption. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006, Springer, Heidelberg (2004)
Fouque, P., Joux, A., Poupard, G.: Blockwise adversarial model for on-line ciphers and symmetric encryption schemes. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, Springer, Heidelberg (2004)
Fouque, P., Martinet, G., Poupard, G.: Practical symmetric on-line encryption. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, Springer, Heidelberg (2003)
Gligor, V., Donescu, P.: On message integrity in symmetric encryption. In: Proc. 1st NIST Workshop on AES Modes of Operation (2000)
Joux, A., Martinet, G., Valette, F.: Blockwise-adaptive attacks. revisiting the (in)security of some provably secure encryption modes: Cbc, gem, iacbc. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, Springer, Heidelberg (2002)
Knudsen, L.: Block chaining modes of operation. In: Proc. Symmetric Key Block Cipher Modes of Operation Workshop (2000)
Katz, J., Yung, M.: Complete characterization of security notions for probabilistic private-key encryption. In: Proc. 32nd ACM Annual Symposium on Theory of Computing (2000)
The u-tube website, http://www.utube.com
Vaudeney, S.: Security flaws induced by cbc padding - applications to ssl, ipsec, wtls.. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, Springer, Heidelberg (2002)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bard, G.V. (2007). Blockwise-Adaptive Chosen-Plaintext Attack and Online Modes of Encryption. In: Galbraith, S.D. (eds) Cryptography and Coding. Cryptography and Coding 2007. Lecture Notes in Computer Science, vol 4887. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77272-9_9
Download citation
DOI: https://doi.org/10.1007/978-3-540-77272-9_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77271-2
Online ISBN: 978-3-540-77272-9
eBook Packages: Computer ScienceComputer Science (R0)