Skip to main content
Springer Nature Link
Log in

Cryptanalysis of the EPBC Authenticated Encryption Mode

  • Conference paper
Cryptography and Coding (Cryptography and Coding 2007)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4887))

Included in the following conference series:

  • 974 Accesses

Abstract

A large variety of methods for using block ciphers, so called ‘modes of operation’, have been proposed, including some designed to provide both confidentiality and integrity protection. Such modes, usually known as ‘authenticated encryption’ modes, are increasingly important given the variety of issues now known with the use of unauthenticated encryption. In this paper we show that a mode known as EPBC (Efficient error-Propagating Block Chaining), proposed in 1997 by Zúquete and Guedes, is insecure. Specifically we show that given a modest amount of known plaintext for a single enciphered message, new enciphered messages can be constructed which will pass tests for authenticity. That is, we demonstrate a message forgery attack.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)

    MATH  Google Scholar 

  2. Bellare, M., Kohno, T., Namprempre, C.: Breaking and provably repairing the SSH authenticated encryption scheme: A case study of the encode-then-encrypt-and-MAC paradigm. ACM Transactions on Information and System Security 7, 206–241 (2004)

    Article  Google Scholar 

  3. Black, J., Urtubia, H.: Side-channel attacks on symmetric encryption schemes: The case for authenticated encryption. In: USENIX 2002. Proceedings of the 11th USENIX Security Symposium, San Francisco, CA, USA August 5-9, 2002 pp. 327–338 (2002)

    Google Scholar 

  4. Canvel, B., Hiltgen, A., Vaudenay, S., Vuagnoux, M.: Password interception in a SSL/TLS channel. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 583–599. Springer, Heidelberg (2003)

    Google Scholar 

  5. Paterson, K.G., Yau, A.: Padding oracle attacks on the ISO CBC mode padding standard. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 305–323. Springer, Heidelberg (2004)

    Google Scholar 

  6. Vaudenay, S.: Security flaws induced by CBC padding — Applications to SSL, IPSEC, WTLS. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 534–545. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  7. Yau, A.K.L., Paterson, K.G., Mitchell, C.J.: Padding oracle attacks on CBC-mode encryption with secret and random IVs. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 299–319. Springer, Heidelberg (2005)

    Google Scholar 

  8. Rogaway, P., Bellare, M., Black, J.: OCB: A block-cipher mode of operation for efficient authenticated encryption. ACM Transactions on Information and System Security 6, 365–403 (2003)

    Article  Google Scholar 

  9. Bellare, M., Rogaway, P., Wagner, D.: The EAX mode of operation. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 389–407. Springer, Heidelberg (2004)

    Google Scholar 

  10. National Institute of Standards and Technology (NIST): NIST Special Publication 800-38C, Recommendation for Block Cipher Modes of Operation: The CCM Mode For Authentication and Confidentiality (2004)

    Google Scholar 

  11. Whiting, D., Housley, R., Ferguson, N.: RFC 3610, Counter with CBC-MAC (CCM). Internet Engineering Task Force (2003)

    Google Scholar 

  12. International Organization for Standardization Genève, Switzerland: ISO/IEC 3rd CD 19772, Information technology — Security techniques — Authenticated encryption mechanisms (2007)

    Google Scholar 

  13. Dent, A.W., Mitchell, C.J.: User’s Guide to Cryptography and Standards. Artech House (2005)

    Google Scholar 

  14. Zuquete, A., Guedes, P.: Efficient error-propagating block chaining. In: Darnell, M. (ed.) Cryptography and Coding. LNCS, vol. 1355, pp. 323–334. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  15. Mitchell, C.J.: Cryptanalysis of two variants of PCBC mode when used for message integrity. In: Boyd, C., González Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 560–571. Springer, Heidelberg (2005)

    Google Scholar 

  16. International Organization for Standardization Genève, Switzerland: ISO/IEC 18033–3, Information technology — Security techniques — Encryption algorithms — Part 3: Block ciphers (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Information Security Group, Royal Holloway, University of London, Egham, Surrey TW20 0EX, UK

    Chris J. Mitchell

Authors
  1. Chris J. Mitchell
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Steven D. Galbraith

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Mitchell, C.J. (2007). Cryptanalysis of the EPBC Authenticated Encryption Mode. In: Galbraith, S.D. (eds) Cryptography and Coding. Cryptography and Coding 2007. Lecture Notes in Computer Science, vol 4887. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77272-9_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-77272-9_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-77271-2

  • Online ISBN: 978-3-540-77272-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics