A New Mode of Operation for Block Ciphers and Length-Preserving MACs.

We propose a new mode of operation, enciphered CBC, for domain extension of length-preserving functions (like block ciphers), which is a variation on the popular CBC mode of operation. ... This provides a hedge against the security of the block cipher: if the block cipher is pseudorandom, one gets a VIL-PRF, while if it is "only" unpredictable, one "at least" gets a VIL-MAC. ... Acknowledgments: We would like the thank Dan Boneh, Marc Fischlin and Phillip Rogaway for several very useful conversations in the early stages of this work. ...

doi:10.1007/978-3-540-78967-3_12 dblp:conf/eurocrypt/DodisPP08 fatcat:p2m2du6q2je7dgduj54dm3jkvm

Our VIL mode of operation make s a v ariable-input-length cipher from any block cipher. ... Whereas a block cipher enciphers messages of some one particular length the blocklength, a variable-input-length cipher takes messages of varying and preferably arbitrary lengths. ... And thanks to Stefan Lucks and Ron Rivest for their comments on an earlier version of this work. ...

doi:10.1007/3-540-48519-8_17 fatcat:vie4wr3y7re7hpmeueambarmnm

A competition between block cipher and stream cipher is presented and showed the reason of using block cipher rather than stream cipher. ... <span>This paper introduces a new cryptographic hash function that follows sponge construction. Paper begins with outlining the structure of the construction. ... The flexibility of block mode allows building anything from stream ciphers to hash functions or MACs. Both, stream and block ciphers look secure enough to use. ...

doi:10.11591/ijeecs.v10.i2.pp827-832 fatcat:plgc6b2gyjha7kygwjr44q5zly

Open Access

Two symmetric ciphers, AES and PRESENT, and two hash functions, SHA and SPONGENT, are used as the underlying primitives for the generic compositions. ... Authenticated encryption is a mechanism to provide these systems with confidentiality, integrity, and authentication of sensitive data. ... Acknowledgments This work was supported by CONACyT [Grants nos. 393070 and 336750] and CINVESTAV. ...

doi:10.1155/2018/5087065 fatcat:hukeem4m5fhijfecdtdrg46rmu

DOAJ

In addition to modes of operation, this chapter also discusses two very useful techniques for increasing the security of block ciphers, namely key whitening and multiple encryption. ... In this chapter you will learn the most important modes of operation for block ciphers in practice security pitfalls when using modes of operations the principles of key whitening why double encryption ... Perform one block cipher operation for every new plaintext byte. ...

doi:10.1007/978-3-642-04101-3_5 fatcat:m4iqzui5qff4jjw77cjqzfye4u

We introduce CWC, a new block cipher mode of operation for protecting both the privacy and the authenticity of encapsulated data. ... Our new mode of operation, called CWC, has all five of the properties mentioned above. It is provably secure. ... Kohno was supported by a National Defense Science and Engineering Fellowship. ...

doi:10.1007/978-3-540-25937-4_26 fatcat:jgywegft2reepgumhcq25m4d4a

1 Block Cipher Modes of Operation from a Hardware Implementation Perspective 3 C ∈ {0, 1} * as its output. ... P b of length n, where n is the block length handled by the cipher. ... The authors gratefully acknowledge the valuable participation of Emmanuel López-Trejo in the AES-CCM hardware design described in this paper. ...

doi:10.1007/978-0-387-71817-0_12 fatcat:g3mgax6nqfe67lyh5q2nl2ylke

This new encryption mechanism is based on the block cipher operation mode called PSCFB (Pipelined Statistical Cipher Feedback) and the modulo operation. ... In this work a new self-synchronized symmetric encryption solution for high speed communication systems necessary to preserve the format of the plaintext is proposed, developed and tested. ... Since this new proposed operation mode uses as underlying block cipher a recommended binary block cipher instead of an FPE one, as in [14] and [18] , it is possible to reduce the hardware complexity ...

doi:10.1109/access.2020.2993550 fatcat:ewcyggul55avzlajvvjiujxxgu

DOAJ

Resistance to SCA for other MAC configurations Hypothesis New hash and compression function modes as SHA-3 candidates Compression function modes could be based on block ciphers (PGV) SHA-3 requirement ... How to design a block cipher based multi-property preserving hash construction which is also a SCA resistant when it is instantiated with any of the secure PGV schemes Design of a provably secure MAC ... Padding procedure in BNMAC does not depend on the message length Recovery of k 1 depends on the architecture of f k 2 is enough to forge BNMAC: ) ⊕ E m 2 (P (H 1 )) = H 2 using N 2 of m 1 m 2 and recover ...

doi:10.1007/978-3-540-88625-9_8 fatcat:j672czagorfvtk7v4zblorclp4

Their performance and security scale directly with those of the underlying block cipher function. ... We also present the XECB message authentication (XECB-MAC) modes that have all the operational properties of the XOR-MAC modes (e.g., fully parallel and pipelined operation, incremental updates, and out-oforder ... We thank David Wagner for pointing out an oversight in an earlier version of Theorem 1, Tal Malkin for her thoughtful comments and suggestions, Omer Horvitz and Radostina Koleva for their careful reading ...

doi:10.1007/3-540-45473-x_8 fatcat:e5fu7kvyp5fxzexrbfak73s4pe

Our mode has the following properties, when instantiated with a block cipher f to yield a variable-length, keyed hash function H: (1) MAC Preservation. ... We design an efficient mode of operation on block ciphers, SS-NMAC. ... We also notice that our new mode has the following desirable multi-property preservation guarantee advocated by [7] : if the block cipher is unpredictable, we get a MAC with message security roughly 2 ...

doi:10.1007/978-3-642-03356-8_16 fatcat:uzgghr6gvrbpdbae4v3vakfapm

We present a general construction of related-key secure MACs. ... Next, we consider the construction of variable-input-length MACs from fixed-input-length related-key unpredictable functions. We present simple attacks against XCBC and TMAC. ... We are grateful to the anonymous reviewers of FSE 2013 for insightful comments. ...

doi:10.1007/978-3-662-43933-3_16 fatcat:yz3xlvuk4zcgvbets5efbfc5sm

We presents a compositional Hoare logic for proving semantic security of modes of operation for symmetric key block ciphers. ... We were able to use our method to verify semantic security of several encryption modes including Cipher Block Chaining (CBC), Cipher Feedback mode (CFB), Output Feedback (OFB), and Counter mode (CTR). ... A mode of operation is a method of using a block cipher on an arbitrary length message. ...

doi:10.1007/978-3-642-10622-4_4 fatcat:hek353fjhnaxxhelvwrspmd2py

Considering the hardware limitations of BSN, we propose a tunable lightweight MAC based on the PRESENT block cipher, which is named TuLP. ... The analysis exploits the fact that the recommended MACs for WSN, e.g., TinySec (CBC-MAC), MiniSec (OCB-MAC), and SenSec (XCBC-MAC), are not exactly suitable for BSN. ... We would like to thank Vicent Rijmen, Xuejia Lai for their advice on the design of TuLP and TuLP-128. ...

doi:10.1007/978-3-642-10628-6_13 fatcat:d4w5uo2bm5enblxioltw53ltxy

As a result, length preserving modes such as Output Feedback (OFB) can give better performance than CBC mode. ... In CBC mode, buffers need to be extended to a whole number of blocks on encryption and reduced to the real length on decryption. ...

doi:10.1007/10720107_20 fatcat:wpndyybihbb4bospi2zm6nwknu

A New Mode of Operation for Block Ciphers and Length-Preserving MACs [chapter]

Preserved Fulltext

On the Construction of Variable-Input-Length Ciphers [chapter]

Preserved Fulltext

Design of a New Cryptographic Hash Function – Titanium

Preserved Fulltext

Energy and Area Costs of Lightweight Cryptographic Algorithms for Authenticated Encryption in WSN

Preserved Fulltext

More About Block Ciphers [chapter]

Preserved Fulltext

CWC: A High-Performance Conventional Authenticated Encryption Mode [chapter]

Preserved Fulltext

Block Cipher Modes of Operation from a Hardware Implementation Perspective [chapter]

Preserved Fulltext

Self-synchronized Encryption for Physical Layer in Gigabit Ethernet Optical Links

Preserved Fulltext

Side Channel Analysis of Some Hash Based MACs: A Response to SHA-3 Requirements [chapter]

Preserved Fulltext

Fast Encryption and Authentication: XCBC Encryption and XECB Authentication Modes [chapter]

Preserved Fulltext

Message Authentication Codes from Unpredictable Block Ciphers [chapter]

Preserved Fulltext

Secure Message Authentication Against Related-Key Attack [chapter]

Preserved Fulltext

Automated Security Proof for Symmetric Encryption Modes [chapter]

Preserved Fulltext

Towards Secure and Practical MACs for Body Sensor Networks [chapter]

Preserved Fulltext

Performance of Protocols [chapter]

Preserved Fulltext