Online Ciphers from Tweakable Blockciphers [chapter]

Phillip Rogaway, Haibin Zhang
2011 Lecture Notes in Computer Science  
We simplify and generalize their work, showing that online ciphers are rather trivially constructed from tweakable blockciphers, a notion of Liskov, Rivest, and Wagner.  ...  We go on to show how to define and achieve online ciphers for settings in which messages need not be a multiple of n bits.  ...  Acknowledgments Many thanks for the perceptive comments from the anonymous referees. Our apologies that we have not expanded on points where this ought be done.  ... 
doi:10.1007/978-3-642-19074-2_16 fatcat:lkfig6uaijcrvhjeeckv7j6efm

Turning Online Ciphers Off

Elena Andreeva, Guy Barwell, Ritam Bhaumik, Mridul Nandi, Dan Page, Martijn Stam
2017 IACR Transactions on Symmetric Cryptology  
As part of our investigation, we extend an observation by Rogaway and Zhang by further highlighting the close relationship between online ciphers and tweakable blockciphers with variable-length tweaks.  ...  CAESAR has caused a heated discussion regarding the merits of one-pass encryption and online ciphers.  ...  So, if an online cipher is distinguishable from the ideal online cipher, by applying f we see that the corresponding tweakable blockcipher is distinguishable from the ideal tweakable blockcipher, and vice  ... 
doi:10.13154/tosc.v2017.i2.105-142 dblp:journals/tosc/0001BBNPS17 fatcat:qvo5q632mjggjoqecwo23z2c74

Optimally Secure Tweakable Blockciphers [chapter]

Bart Mennink
2015 Lecture Notes in Computer Science  
We consider the generic design of a tweakable blockcipher from one or more evaluations of a classical blockcipher, in such a way that all input and output wires are of size n bits.  ...  As a first contribution, we show that any tweakable blockcipher with one primitive call and arbitrary linear pre- and postprocessing functions can be distinguished from an ideal one with an attack complexity  ...  schemes and message authentication codes [2, 27, 41, 42], and online ciphers [2, 44].  ... 
doi:10.1007/978-3-662-48116-5_21 fatcat:ymtp7hvwwncbrgp5dwebmaaga4

Turning Online Ciphers Off

Elena Andreeva, Guy Barwell, Ritam Bhaumik, Mridul Nandi, Dan Page, Martijn Stam
2017 IACR Transactions on Symmetric Cryptology  
As part of our investigation, we extend an observation by Rogaway and Zhang by further highlighting the close relationship between online ciphers and tweakable blockciphers with variable-length tweaks.  ...  CAESAR has caused a heated discussion regarding the merits of one-pass encryption and online ciphers.  ...  So, if an online cipher is distinguishable from the ideal online cipher, by applying f we see that the corresponding tweakable blockcipher is distinguishable from the ideal tweakable blockcipher, and vice  ... 
doi:10.46586/tosc.v2017.i2.105-142 fatcat:7722bkvrjbflrkdf6z4kwwfd6i

Length-Doubling Ciphers and Tweakable Ciphers [chapter]

Haibin Zhang
2012 Lecture Notes in Computer Science  
., THEM) that turns a n-bit blockcipher into a variable-input-length cipher (resp., tweakable cipher) that acts on strings of [n..2n − 1] bits.  ...  We prove them secure in the sense of strong PRP and tweakable strong PRP, assuming the underlying blockcipher is a strong PRP.  ...  In particular, Rogaway and Zhang show how to turn such a VIL length-doubling tweakable cipher into an arbitrary-length-input online cipher [24] .  ... 
doi:10.1007/978-3-642-31284-7_7 fatcat:26yuridgynh5rchyaprysfcyu4

Tweakable Blockciphers for Efficient Authenticated Encryptions with Beyond the Birthday-Bound Security

Yusuke Naito
2017 IACR Transactions on Symmetric Cryptology  
Modular design via a tweakable blockcipher (TBC) offers efficient authenticated encryption (AE) schemes (with associated data) that call a blockcipher once for each data block (of associated data or a  ...  Existing blockcipher-based AE schemes with beyond-birthday-bound (BBB) security are not efficient, that is, a blockcipher is called twice or more for each data block.  ...  . • Difference 1: The difference comes from the (in)dependence between online and offline queries. In World1, responses of online and offline queries are defined by using an ideal cipher.  ... 
doi:10.46586/tosc.v2017.i2.1-26 fatcat:7hacsjdldne5lmzuj5ljrbqrgi

Tweakable Blockciphers for Efficient Authenticated Encryptions with Beyond the Birthday-Bound Security

Yusuke Naito
2017 IACR Transactions on Symmetric Cryptology  
Modular design via a tweakable blockcipher (TBC) offers efficient authenticated encryption (AE) schemes (with associated data) that call a blockcipher once for each data block (of associated data or a  ...  almost xor universal hash function, and the hash value is xor-ed with the input and output blocks of a blockcipher with the nonce-dependent key (from Liskov et al.).  ...  . • Difference 1: The difference comes from the (in)dependence between online and offline queries. In World1, responses of online and offline queries are defined by using an ideal cipher.  ... 
doi:10.13154/tosc.v2017.i2.1-26 dblp:journals/tosc/000117 fatcat:kiiogdydxjd5hp75ubnfxk3fja

Modes of Operation Suitable for Computing on Encrypted Data

Dragos Rotaru, Nigel P. Smart, Martijn Stam
2017 IACR Transactions on Symmetric Cryptology  
In order to use these modes one needs to convert them from their original instantiation of being defined on binary blocks of data, to working on elements in a large prime finite field.  ...  In analogy with tweakable blockciphers, we shall also consider PRFs. A tweakable PRF (tPRF) takes as additional input a tweak T chosen from a set of tweaks T, thus F : K × T × X → Y.  ...  Although OTR strictly speaking is a blockcipher mode of operation, Minematsu already presents OTR as a tweakable blockcipher mode of operation instantiated with a specific tweakable blockcipher.  ... 
doi:10.13154/tosc.v2017.i3.294-324 dblp:journals/tosc/RotaruSS17 fatcat:shef7sk2pba57kb5dy5nugrlia

Modes of Operation Suitable for Computing on Encrypted Data

Dragos Rotaru, Nigel P. Smart, Martijn Stam
2017 IACR Transactions on Symmetric Cryptology  
In order to use these modes one needs to convert them from their original instantiation of being defined on binary blocks of data, to working on elements in a large prime finite field.  ...  In analogy with tweakable blockciphers, we shall also consider PRFs. A tweakable PRF (tPRF) takes as additional input a tweak T chosen from a set of tweaks T, thus F : K × T × X → Y.  ...  Although OTR strictly speaking is a blockcipher mode of operation, Minematsu already presents OTR as a tweakable blockcipher mode of operation instantiated with a specific tweakable blockcipher.  ... 
doi:10.46586/tosc.v2017.i3.294-324 fatcat:ums2prp45jhkpnulf2grrbfmwq

Multi-user security of the tweakable Even-Mansour cipher

Ping Zhang, Qian Yuan, Honggang Hu, Peng Wang
2020 Science China Information Sciences  
A tweakable blockcipher (TBC) is an improved version of a conventional block cipher, which adds an extra input, called tweak, on the basis of a key and a plaintext.  ...  The tweakable Even-Mansour (TEM) cipher first presented by Cogliati et al. [1] is a permutation-based TBC, which is constructed from an r-tuple of n-bit permutations and a uniform almost-XOR-universal (  ...  The supporting information is available online at info.scichina.com and link.springer.com. The supporting materials are published as submitted, without typesetting or editing.  ... 
doi:10.1007/s11432-018-9757-4 fatcat:pmq25xxravf65ddhzosuedm5qy

The State of the Authenticated Encryption

Damian Vizár
2016 Tatra Mountains Mathematical Publications  
Online, inverse-free. Nonce-based AE security. Provably secure. Joltik [45] Tweakable blockcipher-based, proposes two modes (derive from TAE and CTR). Both fully parallelizable, online.  ...  Deoxys [44] Tweakable blockcipher-based, proposes two modes (derive from TAE [50] and CTR). Both fully parallelizable, online. Nonce-based AE security, MRAE. Provably secure.  ... 
doi:10.1515/tmmp-2016-0038 fatcat:vnvjfj73yvff7ovjqagtwdpena

Symmetric Cryptography (Dagstuhl Seminar 16021)

Frederik Armknecht, Tetsu Iwata, Kaisa Nyberg, Bart Preneel, Marc Herbstritt
2016 Dagstuhl Reports  
From January 10-15, 2016, the seminar 16021 in Symmetric Cryptography was held in Schloss Dagstuhl - Leibniz Center for Informatics.  ...  This proposal mainly consists in separately evaluating primitives (block ciphers, tweakable block ciphers, permutations, . . . ) from modes (sponge, OCB, . . . ).  ...  If the masking satisfies a set of simple conditions, then MEM is a secure tweakable blockcipher up to the birthday bound.  ... 
doi:10.4230/dagrep.6.1.34 dblp:journals/dagstuhl-reports/ArmknechtINP16 fatcat:3p4woms76ncrdm5hkd2iempk74

Salvaging Weak Security Bounds for Blockcipher-Based Constructions [chapter]

Thomas Shrimpton, R. Seth Terashima
2016 Lecture Notes in Computer Science  
The ICM-KOA provides a conceptual bridge between ideal ciphers and tweakable blockciphers (TBC): blockcipher-based constructions secure in the ICM-KOA have TBC-based analogs that are secure under standard-model  ...  Unlike the ICM, results in the ICM-KOA are less brittle to current and future cryptanalytic results on the blockcipher used to instantiate the ideal cipher.  ...  Finally, the ICM-KOA provides a conceptual bridge between ideal ciphers and tweakable blockciphers (TBC).  ... 
doi:10.1007/978-3-662-53887-6_16 fatcat:6hzbulnrfjaflmjj32spfgxozu

Improved Masking for Tweakable Blockciphers with Applications to Authenticated Encryption [chapter]

Robert Granger, Philipp Jovanovic, Bart Mennink, Samuel Neves
2016 Lecture Notes in Computer Science  
The same masking techniques can also be used for permutation-based tweakable blockciphers.  ...  Characteristic for the majority of blockcipher-based AE schemes is that they rely on a tweakable blockcipher where changes in the tweak can be realized efficiently.  ...  Masked Even-Mansour (MEM) Tweakable Cipher As a first contribution, we revisit the state of the art in masking with the introduction of the "Masked Even-Mansour" tweakable blockcipher in Section 3.  ... 
doi:10.1007/978-3-662-49890-3_11 fatcat:7hajg3rx7zcfblb4hkyayncs6y

Tweaking a block cipher: multi-user beyond-birthday-bound security in the standard model

Benoît Cogliati
2018 Designs, Codes and Cryptography  
In this paper, we present a generic construction to create a secure tweakable block cipher from a secure block cipher.  ...  Our construction is very natural, requiring four calls to the underlying block cipher for each call of the tweakable block cipher.  ...  We would also like to thank the reviewers from Designs, Codes and Cryptography for their helpful comments.  ... 
doi:10.1007/s10623-018-0471-8 fatcat:fx5mklk75bcopbpdsbgasho4n4
Showing results 1 — 15 out of 39 results