Toward a Fully Secure Authenticated Encryption Scheme From a Pseudorandom Permutation

| DC Field | Value | Language |
| --- | --- | --- |
| dc.contributor.author | Choi, Wonseok | ko |
| dc.contributor.author | Lee, Byeonghak | ko |
| dc.contributor.author | Lee, Jooyoung | ko |
| dc.contributor.author | Lee, YeongMin | ko |
| dc.date.accessioned | 2021-11-08T06:42:15Z | - |
| dc.date.available | 2021-11-08T06:42:15Z | - |
| dc.date.created | 2021-11-06 | - |
| dc.date.issued | 2021-12-08 | - |
| dc.identifier.citation | 27th Annual International Conference on the Theory and Application of Cryptology and Information Security | - |
| dc.identifier.uri | http://hdl.handle.net/10203/288919 | - |
| dc.description.abstract | In this paper, we propose a new block cipher-based authenticated encryption scheme, dubbed the Synthetic Counter with Masking (SCM) mode. SCM follows the NSIV paradigm proposed by Peyrin and Seurin (CRYPTO 2016), where a keyed hash function accepts a nonce N with associated data and a message, yielding an authentication tag T, and then the message is encrypted by a counter-like mode using both T and N. Here we move one step further by encrypting nonces; in the encryption part, the inputs to the block cipher are determined by T, counters, and an encrypted nonce, and all its outputs are also masked by an (additional) encrypted nonce, yielding keystream blocks. As a result, we obtain, for the first time, a block cipher-based authenticated encryption scheme of rate 1/2 that provides n-bit security with respect to the query complexity (ignoring the influence of message length) in the nonce-respecting setting, and at the same time guarantees graceful security degradation in the faulty nonce model, when the underlying n-bit block cipher is modeled as a secure pseudorandom permutation. Seen as a slight variant of GCM-SIV, SCM is also parallelizable and inverse-free, and its performance is still comparable to GCM-SIV. | - |
| dc.language | English | - |
| dc.publisher | International Association for Cryptologic Research (IACR) | - |
| dc.title | Toward a Fully Secure Authenticated Encryption Scheme From a Pseudorandom Permutation | - |
| dc.type | Conference | - |
| dc.type.rims | CONF | - |
| dc.citation.publicationname | 27th Annual International Conference on the Theory and Application of Cryptology and Information Security | - |
| dc.identifier.conferencecountry | SI | - |
| dc.identifier.conferencelocation | Virtual | - |
| dc.contributor.localauthor | Lee, Jooyoung | - |
Appears in Collection
CS-Conference Papers (Academic Conference Papers)
Files in This Item
There are no files associated with this item.
