Efficient Length Doubling From Tweakable Block Ciphers

Yu Long Chen, Atul Luykx, Bart Mennink, Bart Preneel
2017 IACR Transactions on Symmetric Cryptology  
We present a length doubler, LDT, that turns an n-bit tweakable block cipher into an efficient and secure cipher that can encrypt any bit string of length [n..2n − 1].  ...  ciphers are strong tweakable pseudorandom permutations.  ...  Bart Mennink is supported by a postdoctoral fellowship from the Netherlands Organisation for Scientific Research (NWO) under Veni grant 016.Veni.173.017.  ... 
doi:10.13154/tosc.v2017.i3.253-270 dblp:journals/tosc/ChenLMP17 fatcat:746lj4x5rbd6rls2xzpic7blki

Efficient Length Doubling From Tweakable Block Ciphers

Yu Long Chen, Atul Luykx, Bart Mennink, Bart Preneel
2017 IACR Transactions on Symmetric Cryptology  
We present a length doubler, LDT, that turns an n-bit tweakable block cipher into an efficient and secure cipher that can encrypt any bit string of length [n..2n − 1].  ...  ciphers are strong tweakable pseudorandom permutations.  ...  Bart Mennink is supported by a postdoctoral fellowship from the Netherlands Organisation for Scientific Research (NWO) under Veni grant 016.Veni.173.017.  ... 
doi:10.46586/tosc.v2017.i3.253-270 fatcat:ccaqbjztgzex5fsasx2qwvtw6u

A Domain Extender for the Ideal Cipher [chapter]

Jean-Sébastien Coron, Yevgeniy Dodis, Avradip Mandal, Yannick Seurin
2010 Lecture Notes in Computer Science  
We also consider our construction in the standard model: we show that 2 rounds are enough to get a 2n-bit tweakable block-cipher from a n-bit tweakable block-cipher and we show that with 3 rounds we can  ...  Our construction is based on a 3-round Feistel, and is more efficient than first building a n-bit random oracle from a n-bit ideal cipher (as in [9]) and then a 2n-bit ideal cipher from a n-bit random  ...  Efficient constructions of tweakable block-ciphers were described in [22], given ordinary block-ciphers. Definition 2.  ... 
doi:10.1007/978-3-642-11799-2_17 fatcat:fv6pfytwcbhhliv4gl7zq2oh2a

Length-Doubling Ciphers and Tweakable Ciphers [chapter]

Haibin Zhang
2012 Lecture Notes in Computer Science  
., THEM) that turns a n-bit blockcipher into a variable-input-length cipher (resp., tweakable cipher) that acts on strings of [n..2n − 1] bits.  ...  We prove them secure in the sense of strong PRP and tweakable strong PRP, assuming the underlying blockcipher is a strong PRP.  ...  We extend the idea of Naor and Reingold [20] to construct an efficient VIL length-doubling cipher and tweakable cipher.  ... 
doi:10.1007/978-3-642-31284-7_7 fatcat:26yuridgynh5rchyaprysfcyu4

On the Security Bounds of CMC, EME, EME+ and EME* Modes of Operation [chapter]

Raphael C.-W. Phan, Bok-Min Goi
2005 Lecture Notes in Computer Science  
Since 2002, variants of two tweakable block cipher modes of operation, CMC and EME, have been presented by Halevi and Rogaway that are suitable for encryption of disk sectors.  ...  In particular, we show how to distinguish the CMC, EME, EME+ and EME* modes from random tweakable permutations with negligible effort and $2^{n/2}$ chosen plaintexts, where n is the block size in bits.  ...  In fact, since the modes are claimed to be secure against variable length input queries, an attacker could obtain queries from the modes under differing input lengths, each time increasing the block length  ... 
doi:10.1007/11602897_12 fatcat:vlngjf5irjeulao34meq5sd2qe

Online Ciphers from Tweakable Blockciphers [chapter]

Phillip Rogaway, Haibin Zhang
2011 Lecture Notes in Computer Science  
Online ciphers are deterministic length-preserving permutations $E_K : (\{0,1\}^n)^+ \to (\{0,1\}^n)^+$ where the i-th block of ciphertext depends only on the first i blocks of plaintext.  ...  We simplify and generalize their work, showing that online ciphers are rather trivially constructed from tweakable blockciphers, a notion of Liskov, Rivest, and Wagner.  ...  Acknowledgments Many thanks for the perceptive comments from the anonymous referees. Our apologies that we have not expanded on points where this ought be done.  ... 
doi:10.1007/978-3-642-19074-2_16 fatcat:lkfig6uaijcrvhjeeckv7j6efm

Tweaks and Keys for Block Ciphers: The TWEAKEY Framework [chapter]

Jérémy Jean, Ivica Nikolić, Thomas Peyrin
2014 Lecture Notes in Computer Science  
used as a black box to build a tweakable block cipher.  ...  We propose the TWEAKEY framework with goal to unify the design of tweakable block ciphers and of block ciphers resistant to related-key attacks.  ...  One advantage of such a framework is that one can obtain a tweakable single-key block cipher or a double-key length block cipher with the very same primitive.  ... 
doi:10.1007/978-3-662-45608-8_15 fatcat:dsktm3q4pbb45fprh6jheicsm4

A New Mode of Encryption Providing a Tweakable Strong Pseudo-random Permutation [chapter]

Debrup Chakraborty, Palash Sarkar
2006 Lecture Notes in Computer Science  
Compared to previous known constructions, PEP is the only known construction of tweakable SPRP which uses a single key, is efficiently parallelizable and can handle an arbitrary number of blocks.  ...  This approach is different from the encrypt-mask-encrypt approach of constructions such as CMC, EME and EME*.  ...  A mode of operation of a block cipher is used to extend the domain of applicability from fixed length strings to long and variable length strings.  ... 
doi:10.1007/11799313_19 fatcat:jos46pbrnbfzxl6ujebxd467gi

Deck-Based Wide Block Cipher Modes and an Exposition of the Blinded Keyed Hashing Model

Aldo Gunsing, Joan Daemen, Bart Mennink
2020 IACR Transactions on Symmetric Cryptology  
We present two tweakable wide block cipher modes from doubly-extendable cryptographic keyed (deck) functions and a keyed hash function: double-decker and docked-double-decker.  ...  We prove that the distinguishing advantage of the resulting wide block ciphers is simply two times the sum of the pseudorandom function distinguishing advantage of the deck function and the blinded keyed  ...  Deck-Based Wide Block Cipher Modes In this work, we formalize and analyze two similar deck-based tweakable wide block cipher modes: double-decker and docked-double-decker.  ... 
doi:10.46586/tosc.v2019.i4.1-22 fatcat:auglgv5e6je6dahurr5db2m7d4

Deck-Based Wide Block Cipher Modes and an Exposition of the Blinded Keyed Hashing Model

Aldo Gunsing, Joan Daemen, Bart Mennink
2020 IACR Transactions on Symmetric Cryptology  
We present two tweakable wide block cipher modes from doubly-extendable cryptographic keyed (deck) functions and a keyed hash function: double-decker and docked-double-decker.  ...  We prove that the distinguishing advantage of the resulting wide block ciphers is simply two times the sum of the pseudorandom function distinguishing advantage of the deck function and the blinded keyed  ...  Deck-Based Wide Block Cipher Modes In this work, we formalize and analyze two similar deck-based tweakable wide block cipher modes: double-decker and docked-double-decker.  ... 
doi:10.13154/tosc.v2019.i4.1-22 dblp:journals/tosc/GunsingDM19 fatcat:24chhpmytvad7nxfah4a5egtqe

Beyond-Birthday-Bound Security Based on Tweakable Block Cipher [chapter]

Kazuhiko Minematsu
2009 Lecture Notes in Computer Science  
We also study how to build such tweakable block ciphers from ordinary block ciphers, which may be of independent interest.  ...  Unlike previous approaches using pseudorandom functions, we present a simple and efficient proposal using a tweakable block cipher as an internal module.  ...  Introduction A double-block-length cipher (DBLC), i.e. a 2n-bit block cipher made from n-bit block components, has been one of the main research topics in the symmetric cryptography.  ... 
doi:10.1007/978-3-642-03317-9_19 fatcat:whajzn3o4ndrpffrote4lcsbsy

Tweaking Generic OTR to Avoid Forgery Attacks [chapter]

Hassan Qahur Al Mahri, Leonie Simpson, Harry Bartlett, Ed Dawson, Kenneth Koon-Ho Wong
2016 Communications in Computer and Information Science  
The current version of OTR gives a security proof for specific choices of the block size (n) and the primitive polynomial used to construct the finite field $F_{2^n}$.  ...  In this paper, we show that some primitive polynomials result in collisions among the masking coefficients used in the current instantiation, from which forgeries can be constructed.  ...  Acknowledgements Hassan Al Mahri would like to acknowledge the scholarship for this research from the government of the Sultanate of Oman.  ... 
doi:10.1007/978-981-10-2741-3_4 fatcat:wrp4exe7fnh2tfhsblvar3owge

On the Impossibility of Highly-Efficient Blockcipher-Based Hash Functions [chapter]

John Black, Martin Cochran, Thomas Shrimpton
2005 Lecture Notes in Computer Science  
We say a blockcipher-based hash function is highly-efficient if it makes exactly one blockcipher call for each message block hashed, and all blockcipher calls use a key from K.  ...  In this paper we prove, in the ideal-cipher model, that it is impossible to construct a highly-efficient iterated blockcipher-based hash function that is provably secure.  ...  John Black's work was supported by NSF CAREER-0240000 and a gift from the Boettcher Foundation.  ... 
doi:10.1007/11426639_31 fatcat:qgkpqjus75hflgrjqurbxa3w7q

On the Impossibility of Highly-Efficient Blockcipher-Based Hash Functions

J. Black, M. Cochran, T. Shrimpton
2008 Journal of Cryptology  
We say a blockcipher-based hash function is highly-efficient if it makes exactly one blockcipher call for each message block hashed, and all blockcipher calls use a key from K.  ...  In this paper we prove, in the ideal-cipher model, that it is impossible to construct a highly-efficient iterated blockcipher-based hash function that is provably secure.  ...  John Black's work was supported by NSF CAREER-0240000 and a gift from the Boettcher Foundation.  ... 
doi:10.1007/s00145-008-9030-1 fatcat:mcdk4ryxyvcnrnyime4pjwva7e

A Tweakable Enciphering Mode [chapter]

Shai Halevi, Phillip Rogaway
2003 Lecture Notes in Computer Science  
We describe a block-cipher mode of operation, CMC, that turns an n-bit block cipher into a tweakable enciphering scheme that acts on strings of mn bits, where m ≥ 2.  ...  When the underlying block cipher is secure in the sense of a strong pseudorandom permutation (PRP), our scheme is secure in the sense of tweakable, strong PRP.  ...  Phil received support from NSF grant CCR-0085961 and a gift from CISCO Systems. This work was carried out while Phil was at Chiang Mai University, Thailand.  ... 
doi:10.1007/978-3-540-45146-4_28 fatcat:knioeyfvbrerxglg4niottx3ma