Abstract
In this paper, we investigate the authenticated encryption paradigm and its security against blockwise adaptive adversaries mounting chosen ciphertext attacks on on-the-fly cryptographic devices. We remark that most of the existing solutions are insecure in this context, since they provide a decryption oracle for any ciphertext: a device that decrypts on the fly releases plaintext blocks before the integrity check has been completed. We then propose a generic construction called Decrypt-Then-Mask, and prove its security in the blockwise adversarial model. The advantage of this proposal is that it requires minimal changes to the encryption protocol. In fact, in our solution, only the decryption protocol is modified, while the encryption part is left unchanged. Finally, we propose an instantiation of this scheme, using the encrypted CBC-MAC algorithm, a secure pseudorandom number generator and the Delayed variant of the CBC encryption scheme.
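The following is an added illustration, not code from the paper, of the two behaviours the abstract contrasts: an on-the-fly encrypt-then-MAC decryptor that emits every plaintext block before the tag is checked (so a rejected ciphertext still leaks its decryption), and a Decrypt-Then-Mask style decryptor that emits only masked blocks and releases the mask seed after a successful verification. Every primitive here is a labelled stand-in chosen so the code runs with the standard library: a 4-round Feistel toy cipher built from HMAC-SHA256 instead of a real block cipher, HMAC-SHA256 over IV||ciphertext instead of the paper's encrypted CBC-MAC, HMAC in counter mode instead of the paper's PRNG, and plain CBC rather than the Delayed CBC variant. Function names are my own.

```python
import hashlib
import hmac
import os
from typing import List, Optional, Tuple

BLOCK = 16


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def prf(key: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 used as a keyed PRF throughout (stand-in, not the paper's choice)
    return hmac.new(key, data, hashlib.sha256).digest()


def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Toy 16-byte block cipher: 4-round Feistel over the PRF. Stand-in only."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, xor_bytes(left, prf(key + bytes([rnd]), right)[:8])
    return left + right


def toy_block_decrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for rnd in reversed(range(4)):
        left, right = xor_bytes(right, prf(key + bytes([rnd]), left)[:8]), left
    return left + right


def cbc_encrypt(key: bytes, iv: bytes, blocks: List[bytes]) -> List[bytes]:
    out, prev = [], iv
    for p in blocks:
        prev = toy_block_encrypt(key, xor_bytes(p, prev))
        out.append(prev)
    return out


def mac_tag(mac_key: bytes, iv: bytes, ct: List[bytes]) -> bytes:
    # Stand-in for the encrypted CBC-MAC of the paper's instantiation.
    return prf(mac_key, iv + b"".join(ct))


def encrypt_then_mac(enc_key, mac_key, iv, blocks) -> Tuple[List[bytes], bytes]:
    ct = cbc_encrypt(enc_key, iv, blocks)
    return ct, mac_tag(mac_key, iv, ct)


def naive_online_decrypt(enc_key, mac_key, iv, ct, tag) -> Tuple[List[bytes], bool]:
    """Insecure on-the-fly decryptor: each plaintext block leaves the device as
    soon as it is computed, before the tag is checked. The returned list is what
    an observer already holds when the (possibly negative) verdict arrives."""
    emitted, prev = [], iv
    for c in ct:
        emitted.append(xor_bytes(toy_block_decrypt(enc_key, c), prev))
        prev = c
    ok = hmac.compare_digest(mac_tag(mac_key, iv, ct), tag)
    return emitted, ok


def mask_stream(seed: bytes, n: int) -> List[bytes]:
    # PRNG stand-in: HMAC-SHA256 in counter mode, one block per counter value.
    return [prf(seed, i.to_bytes(4, "big"))[:BLOCK] for i in range(n)]


def dtm_online_decrypt(enc_key, mac_key, iv, ct, tag) -> Tuple[List[bytes], Optional[bytes]]:
    """Decrypt-Then-Mask style decryptor (my reading of the abstract): blocks
    still leave the device on the fly, but each is XORed with a fresh
    pseudorandom mask; the seed is released only if the tag verifies, so a
    rejected ciphertext yields nothing usable to the observer."""
    seed = os.urandom(16)
    masks = mask_stream(seed, len(ct))
    emitted, prev = [], iv
    for c, m in zip(ct, masks):
        emitted.append(xor_bytes(xor_bytes(toy_block_decrypt(enc_key, c), prev), m))
        prev = c
    ok = hmac.compare_digest(mac_tag(mac_key, iv, ct), tag)
    return emitted, (seed if ok else None)


def dtm_unmask(masked: List[bytes], seed: bytes) -> List[bytes]:
    return [xor_bytes(b, m) for b, m in zip(masked, mask_stream(seed, len(masked)))]


if __name__ == "__main__":
    enc_key, mac_key, iv = os.urandom(16), os.urandom(16), os.urandom(BLOCK)
    pt = [b"constructed blk1", b"constructed blk2"]  # constructed sample message
    ct, tag = encrypt_then_mac(enc_key, mac_key, iv, pt)
    bad_tag = bytes([tag[0] ^ 1]) + tag[1:]
    leaked, ok = naive_online_decrypt(enc_key, mac_key, iv, ct, bad_tag)
    print("naive device, bad tag: verdict", ok, "but emitted plaintext ==", leaked == pt)
    masked, seed = dtm_online_decrypt(enc_key, mac_key, iv, ct, bad_tag)
    print("DTM device, bad tag: seed released?", seed is not None, "masked == pt?", masked == pt)
    masked, seed = dtm_online_decrypt(enc_key, mac_key, iv, ct, tag)
    print("DTM device, good tag: unmasked == pt?", dtm_unmask(masked, seed) == pt)
```

The point to take from running it is in the two verdicts: the naive device's `False` arrives after the plaintext has already left it, while the DTM device's observer holds only masked blocks and no seed. Encryption (`encrypt_then_mac`) is identical in both cases, matching the abstract's claim that only the decryption side changes.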
© 2004 Springer-Verlag Berlin Heidelberg
Fouque, PA., Joux, A., Martinet, G., Valette, F. (2004). Authenticated On-Line Encryption. In: Matsui, M., Zuccherato, R.J. (eds) Selected Areas in Cryptography. SAC 2003. Lecture Notes in Computer Science, vol 3006. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24654-1_11
DOI: https://doi.org/10.1007/978-3-540-24654-1_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-21370-3
Online ISBN: 978-3-540-24654-1