Abstract
We present a new scheme called universal block chaining with sum (the chain & sum primitive, or C&S for short), and show its application to the problem of combined encryption and authentication of data. The primitive is a weak CBC-type encryption followed by a summing step, and can be used as a front end to stream ciphers to encrypt pages or blocks of data (e.g., in an encrypted file system or in a video stream). Under standard assumptions, the resulting encryption scheme provably acts as a random permutation on the blocks, and has the message-integrity features of standard CBC encryption. The primitive also yields a very fast message authentication code (MAC), which is a multivariate polynomial evaluation hash. The multivariate feature and the summing step are the novel parts of the design. Our tests show that the chain & sum primitive adds approximately 20 percent overhead to the fastest stream ciphers.
© 1998 Springer-Verlag Berlin Heidelberg
Jakubowski, M.H., Venkatesan, R. (1998). The chain & sum primitive and its applications to MACs and stream ciphers. In: Nyberg, K. (ed.) Advances in Cryptology — EUROCRYPT'98. EUROCRYPT 1998. Lecture Notes in Computer Science, vol. 1403. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0054133
DOI: https://doi.org/10.1007/BFb0054133
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-64518-4
Online ISBN: 978-3-540-69795-4