OCB: A block-cipher mode of operation for efficient authenticated encryption

Authors: Phillip Rogaway, Mihir Bellare, John Black

DOI: 10.1145/937527.937529

Keywords:

Abstract: We describe a parallelizable block-cipher mode of operation that simultaneously provides privacy and authenticity. OCB encrypts-and-authenticates a nonempty string M ∈ {0, 1}* using ⌈|M|/n⌉ + 2 block-cipher invocations, where n is the block length of the underlying block cipher. Additional overhead is small. OCB refines a scheme, IAPM, suggested by Charanjit Jutla. Desirable properties of OCB include the ability to encrypt a bit string of arbitrary length into a ciphertext of minimal length, cheap offset calculations, cheap key setup, a single underlying cryptographic key, no extended-precision addition, a nearly optimal number of block-cipher calls, and no requirement for a random IV. We prove OCB secure, quantifying the adversary's ability to violate the mode's privacy or authenticity in terms of the quality of its block cipher as a pseudorandom permutation (PRP) or as a strong PRP, respectively.
