Abstract
Authenticated encryption (AE) is a mechanism that provides both privacy and integrity of a plaintext. In the decryption phase of an AE scheme, the plaintext corresponding to a ciphertext is released only if the tag verifies. Because AE can be implemented in low-end devices such as smart cards, one may be forced to release plaintext before verification. Andreeva et al. address the issue of releasing unverified plaintext and formalize it with the notion called INT-RUP. In this paper, we consider the “rate-1” block-cipher based affine authenticated encryption mode and show a generic INT-RUP attack on this mode. Using this attack idea, we also present an INT-RUP attack on CPFB (rate \(\frac{3}{4}\)). Then we present a variant of CPFB, called mCPFB (rate \(\frac{3}{4}\)), which achieves INT-RUP security.
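The distinction the abstract draws is between conventional AE decryption, which withholds plaintext until the tag verifies, and the release-unverified-plaintext (RUP) interface of Andreeva et al., where decryption and verification are separate calls. The block below is an added example and is not code from the paper; it implements neither CPFB, mCPFB nor the paper's attack. It assumes a hypothetical encrypt-then-MAC scheme in which HMAC-SHA256 stands in for the block cipher (CTR-style keystream) and an independent key produces the tag; keys, nonce and message are constructed test values.

```python
"""Added example: the two decryption interfaces the INT-RUP setting compares.

Hypothetical encrypt-then-MAC construction (not a scheme from the paper):
  - keystream: HMAC-SHA256(enc_key, nonce || counter) used as a PRF, CTR-style
  - tag:       HMAC-SHA256(mac_key, nonce || ciphertext), independent key
"""
import hashlib
import hmac

# Constructed test values, not from any real deployment.
PLAINTEXT = b"status report: all systems nominal"


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """CTR-style keystream: one PRF output per 32-byte block."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block_input = nonce + counter.to_bytes(8, "big")
        out += hmac.new(enc_key, block_input, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def _tag(mac_key: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    """Tag over nonce and ciphertext only (encrypt-then-MAC)."""
    return hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()


def encrypt(enc_key: bytes, mac_key: bytes, nonce: bytes, plaintext: bytes):
    ks = _keystream(enc_key, nonce, len(plaintext))
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, ks))
    return ciphertext, _tag(mac_key, nonce, ciphertext)


def decrypt_verify_then_release(enc_key, mac_key, nonce, ciphertext, tag):
    """Conventional AE decryption: nothing is released unless the tag checks."""
    if not hmac.compare_digest(_tag(mac_key, nonce, ciphertext), tag):
        return None
    ks = _keystream(enc_key, nonce, len(ciphertext))
    return bytes(c ^ k for c, k in zip(ciphertext, ks))


def rup_decrypt(enc_key: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    """RUP interface: plaintext is released without looking at the tag.

    This is the call a constrained device may be forced to expose when it
    cannot buffer the whole message until the tag has been checked.
    """
    ks = _keystream(enc_key, nonce, len(ciphertext))
    return bytes(c ^ k for c, k in zip(ciphertext, ks))


def rup_verify(mac_key: bytes, nonce: bytes, ciphertext: bytes, tag: bytes) -> bool:
    """RUP interface: the separate verification call."""
    return hmac.compare_digest(_tag(mac_key, nonce, ciphertext), tag)


def demo() -> dict:
    """Show what each interface releases for a genuine and a tampered ciphertext."""
    enc_key, mac_key = b"\x01" * 32, b"\x02" * 32  # constructed test keys
    nonce = b"\x00" * 12                            # constructed test nonce
    ct, tag = encrypt(enc_key, mac_key, nonce, PLAINTEXT)

    tampered = bytearray(ct)
    tampered[0] ^= 0x01          # one flipped ciphertext bit, tag left unchanged
    tampered = bytes(tampered)

    released = rup_decrypt(enc_key, nonce, tampered)
    return {
        # conventional interface
        "conventional_original": decrypt_verify_then_release(enc_key, mac_key, nonce, ct, tag),
        "conventional_tampered": decrypt_verify_then_release(enc_key, mac_key, nonce, tampered, tag),
        # RUP interface: plaintext comes out first, verification is a separate call
        "rup_tampered_plaintext": released,
        "rup_tampered_diff_positions": [i for i in range(len(PLAINTEXT)) if released[i] != PLAINTEXT[i]],
        "rup_tampered_verifies": rup_verify(mac_key, nonce, tampered, tag),
        "rup_original_verifies": rup_verify(mac_key, nonce, ct, tag),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The conventional interface returns `None` for the tampered input, while the RUP interface hands the caller a plaintext that differs from the original in exactly the flipped position and only afterwards reports that verification failed; a consumer of the RUP output must therefore treat it as untrusted until `rup_verify` returns true. The paper's generic attack on rate-1 affine modes and on CPFB is not reproduced here.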
References
CAESAR Competition. http://competitions.cr.yp.to/caesar.html
Andreeva, E., Bogdanov, A., Luykx, A., Mennink, B., Mouha, N., Yasuda, K.: How to Securely Release Unverified Plaintext in Authenticated Encryption (2014). http://eprint.iacr.org/2014/144
Andreeva, E., Bogdanov, A., Luykx, A., Mennink, B., Tischhauser, E., Yasuda, K.: AES-COPA v.1 (2014). http://competitions.cr.yp.to/round1/aescopav1.pdf
Canvel, B., Hiltgen, A.P., Vaudenay, S., Vuagnoux, M.: Password interception in a SSL/TLS channel. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 583–599. Springer, Heidelberg (2003)
Datta, N., Nandi, M.: ELmE: A misuse resistant parallel authenticated encryption. In: Susilo, W., Mu, Y. (eds.) ACISP 2014. LNCS, vol. 8544, pp. 306–321. Springer, Heidelberg (2014)
Fleischmann, E., Forler, C., Lucks, S.: McOE: A family of almost foolproof online authenticated encryption schemes. In: Canteaut, A. (ed.) FSE 2012. LNCS, vol. 7549, pp. 196–215. Springer, Heidelberg (2012)
Iwata, T., Minematsu, K., Guo, J., Morioka, S., Kobayashi, E.: CLOC: Compact Low-Overhead CFB (2014). http://competitions.cr.yp.to/round1/clocv1.pdf
Iwata, T., Minematsu, K., Guo, J., Morioka, S., Kobayashi, E.: SILC: SImple Lightweight CFB (2014). http://competitions.cr.yp.to/round1/silcv1.pdf
Jutla, C.: Encryption modes with almost free message integrity. J. Cryptology 21, 547–578 (2008)
Jutla, C.: Parallelizable Encryption Mode with Almost Free Message Integrity (2000). http://csrc.nist.gov/CryptoToolkit/modes/proposedmodes/iapm/iapm-spec.pdf
Krovetz, T., Rogaway, P.: The OCB Authenticated-Encryption Algorithm (2013). http://datatracker.ietf.org/doc/draft-irtf-cfrg-ocb
McGrew, D.A., Viega, J.: The Galois/Counter Mode of Operation (GCM) (2005). http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-spec.pdf
Montes, M., Penazzi, D.: AES-CPFB v1 (2014). http://competitions.cr.yp.to/round1/aescpfbv1.pdf
Nandi, M.: On the Optimality of Non-Linear Computations of Length-Preserving Encryption Schemes (2015). https://eprint.iacr.org/2015/414.pdf
Nandi, M.: XLS is not a strong pseudorandom permutation. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 478–490. Springer, Heidelberg (2014)
Nandi, M.: On the minimum number of multiplications necessary for universal hash functions. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 489–507. Springer, Heidelberg (2015)
Tsang, P.P., Smith, S.W.: Secure cryptographic precomputation with insecure memory. In: Chen, L., Mu, Y., Susilo, W. (eds.) ISPEC 2008. LNCS, vol. 4991, pp. 146–160. Springer, Heidelberg (2008)
Vaudenay, S.: Security flaws induced by CBC padding - Applications to SSL, IPSEC, WTLS. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 534–546. Springer, Heidelberg (2002)
Zhang, L., Wu, W., Sui, H., Wang, P.: iFeed[AES] v1 (2014). http://competitions.cr.yp.to/round1/ifeedaesv1.pdf
Acknowledgement
This work has been supported by the Centre of Excellence in Cryptology and R. C. Bose Centre for Cryptology and Security, Indian Statistical Institute, Kolkata. We would like to thank the anonymous reviewers for their detailed comments and suggestions on our paper.
© 2016 Springer International Publishing Switzerland
Cite this paper
Chakraborti, A., Datta, N., Nandi, M. (2016). INT-RUP Analysis of Block-cipher Based Authenticated Encryption Schemes. In: Sako, K. (eds) Topics in Cryptology - CT-RSA 2016. CT-RSA 2016. Lecture Notes in Computer Science(), vol 9610. Springer, Cham. https://doi.org/10.1007/978-3-319-29485-8_3
DOI: https://doi.org/10.1007/978-3-319-29485-8_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-29484-1
Online ISBN: 978-3-319-29485-8
eBook Packages: Computer Science (R0)