Strengthening the Known-Key Security Notion for Block Ciphers [chapter]

Benoît Cogliati, Yannick Seurin
2016 Lecture Notes in Computer Science  
We reconsider the formalization of known-key attacks against ideal primitive-based block ciphers.  ...  Hence, we introduce a stronger variant of known-key indifferentiability, where the adversary is given multiple known keys to "play" with, the informal goal being that the block cipher construction must  ...  Since this is not ensured by the ABM security notion, it is not applicable here, even though one would like to say that a block cipher which is secure against known-key attacks can safely be used in the  ... 
doi:10.1007/978-3-662-52993-5_25 fatcat:rypzfa76tfcahl22begezds64e

Open problems in hash function security

Elena Andreeva, Bart Mennink, Bart Preneel
2015 Designs, Codes and Cryptography  
We focus on existing security models and definitions, as well as on the security aspects of designing secure compression functions (indirectly) from either block ciphers or permutations.  ...  Most of existing hash functions are designed to evaluate a compression function with a finite domain in a mode of operation, and the compression function itself is often designed from block ciphers or  ...  This work was supported in part by the Research Council KU Leuven: GOA TENSE (GOA/11/007). Elena Andreeva and Bart Mennink are Postdoctoral Fellows of the Research Foundation - Flanders (FWO).  ... 
doi:10.1007/s10623-015-0096-0 fatcat:alir2p5gybgvrbup5jfvjf45te

Monkey: Black-Box Symmetric Ciphers Designed for MONopolizing KEYs [chapter]

Adam Young, Moti Yung
1998 Lecture Notes in Computer Science  
We show how to construct a cipher which we call 'Monkey' that leaks one key bit per output block to the designer of the system (in any mode).  ...  This key bit is leaked only if a particular plaintext bit is known to the designer (known bit/message attack which is typically available in plain ASCII).  ...  It strengthens the need for open cipher design efforts. We did not attempt to hide which "known bit" is required for the attack.  ... 
doi:10.1007/3-540-69710-1_9 fatcat:hbwgpdm37bgjpb6l4qrvbx7rf4

The Security of All-or-Nothing Encryption: Protecting against Exhaustive Key Search [chapter]

Anand Desai
2000 Lecture Notes in Computer Science  
We describe a simple block-cipher-based AONT and prove it secure in the Shannon Model of a block cipher.  ...  We investigate the all-or-nothing encryption paradigm which was introduced by Rivest as a new mode of operation for block ciphers.  ...  I would also like to thank Jee Hea Lee, Sara Miner and the CRYPTO 2000 program committee and reviewers for their very helpful comments.  ... 
doi:10.1007/3-540-44598-6_23 fatcat:42laaz6olbfhlgdjiicumy7tgq

Online Ciphers and the Hash-CBC Construction [chapter]

Mihir Bellare, Alexandra Boldyreva, Lars Knudsen, Chanathip Namprempre
2001 Lecture Notes in Computer Science  
Such ciphers permit length-preserving encryption of a data stream with only a single pass through the data. We provide security definitions for this primitive and study its basic properties.  ...  These are ciphers that can take input plaintexts of large and varying lengths and will output the ith block of the ciphertext after having processed only the first i blocks of the plaintext.  ...  We thank Anand Desai, Bogdan Warinschi, and the Crypto 2001 program committee for their helpful comments.  ... 
doi:10.1007/3-540-44647-8_18 fatcat:pkkfyns6uveo5hzqmdmdx7badm

Contemporary Block Ciphers [chapter]

Lars R. Knudsen
1999 Lecture Notes in Computer Science  
This paper considers modern secret-key block ciphers. The theory behind the design and analysis of modern block ciphers is explained, and the most important known attacks are outlined.  ...  Finally the Advanced Encryption Standard is discussed.  ...  Shannon's second principle is to make the system secure against all known attacks, which is still the best known design principle for secret-key ciphers today.  ... 
doi:10.1007/3-540-48969-x_5 fatcat:atvuetvxyvevvor2bmt53i776y

Merkle-Damgård Revisited: How to Construct a Hash Function [chapter]

Jean-Sébastien Coron, Yevgeniy Dodis, Cécile Malinaud, Prashant Puniya
2005 Lecture Notes in Computer Science  
The compression function is usually designed from scratch or made out of a block-cipher. In this paper, we introduce a new security notion for hash-functions, stronger than collision-resistance.  ...  Under this notion, the arbitrary length hash function H must behave as a random oracle when the fixed-length building block is viewed as a random oracle or an ideal block-cipher.  ...  Acknowledgments: We would like to deeply thank Victor Shoup for his invaluable contribution to all aspects of this work. We also thank the anonymous referees for many useful comments.  ... 
doi:10.1007/11535218_26 fatcat:n543i5e7wnef7kdpfo3z4sdaqu

A Middleware Design for Block Cipher Seamless Connected into Stream Cipher Mode

Lan Luo, ZhiGuang Qin, ShiJie Zhou, ShaoQuan Jiang, Juan Wang
2008 2008 International Conference on Intelligent Information Hiding and Multimedia Signal Processing  
Secure of this design was demonstrated by the block cipher algorithm itself and the complexity of mask algorithm.  ...  In order to connect the block cipher into stream cipher mode, the middleware about output of the block cipher was designed according to flexible and scalable principle.  ...  The key generation must against every kind of known attack. There are some attack methods to block cipher key and the design of this paper is a new idea to decrease such kinds of attack: 1.  ... 
doi:10.1109/iih-msp.2008.26 dblp:conf/iih-msp/LuoQZJW08 fatcat:6x3neveyuzccdeb2rwxf5gvu5e

Message Authentication Codes from Unpredictable Block Ciphers [chapter]

Yevgeniy Dodis, John Steinberger
2009 Lecture Notes in Computer Science  
Our mode has the following properties, when instantiated with a block cipher f to yield a variable-length, keyed hash function H: (1) MAC Preservation.  ...  Combined with the PRF preservation (2), our mode provides a hedge against the case when the block cipher f is more secure as a MAC than as a PRF: if it is false, as we hope, we get a secure variable-length  ...  Enhanced PRF Security in the Oracle Cipher Model In this section, we introduce (following [8]) a strictly stronger PRF security notion for block-cipher-based PRFs in the so called oracle cipher model  ... 
doi:10.1007/978-3-642-03356-8_16 fatcat:uzgghr6gvrbpdbae4v3vakfapm

Security Properties of Domain Extenders for Cryptographic Hash Functions

Elena Andreeva, Bart Mennink, Bart Preneel
2010 Journal of Information Processing Systems  
The compression function itself is designed from scratch, or derived from a block cipher or a permutation.  ...  that allows for parallelism.  ...  In [15], Rogaway and Shrimpton investigate seven security notions for keyed hash functions as a natural extension of the three basic keyless notions of collision resistance (Coll), preimage resistance  ... 
doi:10.3745/jips.2010.6.4.453 fatcat:tn23p2dagjapxcmhfmx774zu2m

Correlation Differential Power Analysis Attack to Midori64 [article]

Behrooz Khadem, Hamid Ghanbari, Amin Masoumi souteh
2021 arXiv   pre-print
Following the running of Midori64 on the AVR microcontroller of the Atmega32 model, the master key of Midori block cipher is discovered with 300 known texts.  ...  With the low volume of computational complexity, we obtained the Midori block cipher key, which was considered secure, just by using 300 samples of the plaintext.  ...  Acknowledgment The authors want to thank Mr. Mohammad Gholi, Mr. Habibi, and Mr. Mahdavi for their kind contributions during this paper.  ... 
arXiv:2108.11115v1 fatcat:7bsha7noszesveqkywxuxoitym

Short Non-Malleable Codes from Related-Key Secure Block Ciphers

Serge Fehr, Pierre Karpman, Bart Mennink
2018 IACR Transactions on Symmetric Cryptology  
We consider the simplest possible construction in the computational split-state model, which simply encodes a message m as k||Ek(m) for a uniformly random key k, where E is a block cipher.  ...  Both properties are believed to hold for "good" block ciphers, such as AES-128, making this non-malleable code very efficient with short codewords of length |m|+2τ (where τ is the security parameter, e.g  ...  Admittedly, constructions benefiting from a related-key secure block cipher E are already known - one can for instance design a tweakable block cipher E from an XOR-related-key secure block cipher E as  ... 
doi:10.13154/tosc.v2018.i1.336-352 dblp:journals/tosc/FehrKM18 fatcat:ddtf3qbeabb4pbfrxsdtpyjzhq

Short Non-Malleable Codes from Related-Key Secure Block Ciphers

Serge Fehr, Pierre Karpman, Bart Mennink
2018 IACR Transactions on Symmetric Cryptology  
We consider the simplest possible construction in the computational split-state model, which simply encodes a message m as k||Ek(m) for a uniformly random key k, where E is a block cipher.  ...  Both properties are believed to hold for "good" block ciphers, such as AES-128, making this non-malleable code very efficient with short codewords of length |m|+2τ (where τ is the security parameter, e.g  ...  Admittedly, constructions benefiting from a related-key secure block cipher E are already known - one can for instance design a tweakable block cipher E from an XOR-related-key secure block cipher E as  ... 
doi:10.46586/tosc.v2018.i1.336-352 fatcat:hdfynbsqbrhexlmq4uheifngfa

An Introduction to Data Encryption and Future Trends in Lightweight Cryptography and Securing IoT Environments

Sikha Bagui, Raffaele Galliera
2022 Transactions on Machine Learning and Artificial Intelligence  
The crucial importance of securing communications between IoT devices and widely used algorithms to do so, are also discussed.  ...  Less traditional arguments are also shown, from the relevance of Key Management Services with its usage in Envelope Encryption, to Zero Knowledge proofs and their innovative applications.  ...  As shown by [10], for cryptosystems which use the same key repeatedly, block ciphers are usually considered stronger than stream ciphers.  ... 
doi:10.14738/tmlai.102.11939 fatcat:5hdl6mf35jdqjjknol2cxsgddq

Online Ciphers from Tweakable Blockciphers [chapter]

Phillip Rogaway, Haibin Zhang
2011 Lecture Notes in Computer Science  
Online ciphers are deterministic length-preserving permutations $E_K : (\{0,1\}^n)^+ \to (\{0,1\}^n)^+$ where the i-th block of ciphertext depends only on the first i blocks of plaintext.  ...  We go on to show how to define and achieve online ciphers for settings in which messages need not be a multiple of n bits.  ...  Acknowledgments Many thanks for the perceptive comments from the anonymous referees. Our apologies that we have not expanded on points where this ought be done.  ... 
doi:10.1007/978-3-642-19074-2_16 fatcat:lkfig6uaijcrvhjeeckv7j6efm