Toward a Fully Secure Authenticated Encryption Scheme from a Pseudorandom Permutation

Cited by: 3
Authors
Choi, Wonseok [1]
Lee, Byeonghak [1]
Lee, Jooyoung [1]
Lee, Yeongmin [1]
Affiliations
[1] Korea Adv Inst Sci & Technol, Daejeon, South Korea
Keywords
Authenticated encryption; Beyond-birthday-bound security; Nonce-misuse resistance; Graceful degradation; Block cipher; MODE; GCM; PERFORMANCE;
DOI
10.1007/978-3-030-92078-4_14
Chinese Library Classification
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
In this paper, we propose a new block cipher-based authenticated encryption scheme, dubbed the Synthetic Counter with Masking (SCM) mode. SCM follows the NSIV paradigm proposed by Peyrin and Seurin (CRYPTO 2016), where a keyed hash function accepts a nonce N with associated data and a message, yielding an authentication tag T, and then the message is encrypted by a counter-like mode using both T and N. Here we move one step further by encrypting nonces; in the encryption part, the inputs to the block cipher are determined by T, counters, and an encrypted nonce, and all its outputs are also masked by an (additional) encrypted nonce, yielding keystream blocks. As a result, we obtain, for the first time, a block cipher-based authenticated encryption scheme of rate 1/2 that provides n-bit security with respect to the query complexity (ignoring the influence of message length) in the nonce-respecting setting, and at the same time guarantees graceful security degradation in the faulty nonce model, when the underlying n-bit block cipher is modeled as a secure pseudorandom permutation. Seen as a slight variant of GCM-SIV, SCM is also parallelizable and inverse-free, and its performance is still comparable to GCM-SIV.
Pages: 407 / 434
Number of pages: 28