INT-RUP Security of Checksum-Based Authenticated Encryption

Cited by: 6
Authors
Zhang, Ping [1 ]
Wang, Peng [2 ]
Hu, Honggang [1 ]
Cheng, Changsong [3 ]
Kuai, Wenke [4 ]
Affiliations
[1] Chinese Acad Sci, Univ Sci & Technol China, Key Lab Elect Space Informat, Hefei 230027, Peoples R China
[2] Chinese Acad Sci, Inst Informat Engn, State Key Lab Informat Secur, Beijing 100049, Peoples R China
[3] Minist Publ Secur, Network Secur Res & Dev Ctr, Res Inst 3, Shanghai 200031, Peoples R China
[4] State Grid Anhui Elect Power Co, Informat & Commun Branch, Hefei 230061, Peoples R China
Source
PROVABLE SECURITY, PROVSEC 2017 | 2017 / Vol. 10592
Funding
National Natural Science Foundation of China
Keywords
Authenticated Encryption; INT-RUP; Nonce-misuse; Checksum; Tweakable Blockcipher; MODES
DOI
10.1007/978-3-319-68637-0_9
CLC classification
TP301 [Theory, methods]
Discipline code
081202
Abstract
Offset codebook mode (OCB) provides neither integrity under release of unverified plaintext (INT-RUP) nor nonce-misuse resistance. The tag of OCB is generated by encrypting a plaintext checksum, which is vulnerable in the INT-RUP security model. This paper focuses on the weakness of the checksum processing in OCB. We describe a new type of structure, called plaintext and ciphertext checksum (PCC), which generalizes the plaintext checksum, and prove that all authenticated encryption schemes with PCC are insecure in the INT-RUP security model. We then fix the weakness of PCC and present another new type of structure, called intermediate checksum (IC), for generating the authentication tag. To obtain INT-RUP security for OCB in the nonce-misuse setting, we provide a modified OCB scheme based on IC, called OCB-IC. OCB-IC is proven INT-RUP secure up to the birthday bound in the nonce-misuse setting if the underlying tweakable blockcipher is a secure mixed tweakable pseudorandom permutation (MTPRP). Finally, we present some discussion of OCB-IC.
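The weakness the abstract describes, worked through as an added example (this is not code from the paper): a toy OCB-style scheme whose tag is the encryption of the plaintext checksum (the PCC structure), together with a generic, nonce-respecting INT-RUP forgery against it that needs one encryption query and two unverified-decryption queries. The tweakable blockcipher is modeled by a hash-based Feistel network on 32-bit blocks (an assumption standing in for the paper's MTPRP, not a real cipher), and all names here (tbc_enc, pcc_encrypt, pcc_decrypt_rup, solve_gf2, int_rup_forgery, run_demo) are mine.

```python
import hashlib
import random
from functools import reduce
from operator import xor

# Toy tweakable blockcipher: 4-round Feistel on 32-bit blocks with a SHA-256
# round function keyed by (key, tweak). Assumption standing in for the paper's
# MTPRP so that the attack can run; it is not a real cipher.
N_BITS, HALF, ROUNDS = 32, 16, 4
HALF_MASK = (1 << HALF) - 1

def _round(key, tweak, rnd, half):
    data = key + repr(tweak).encode() + bytes([rnd]) + half.to_bytes(2, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:2], "big")

def tbc_enc(key, tweak, x):
    """E~_K^{tweak}(x) on an n-bit block."""
    l, r = x >> HALF, x & HALF_MASK
    for rnd in range(ROUNDS):
        l, r = r, l ^ _round(key, tweak, rnd, r)
    return (l << HALF) | r

def tbc_dec(key, tweak, y):
    """Inverse of tbc_enc."""
    l, r = y >> HALF, y & HALF_MASK
    for rnd in reversed(range(ROUNDS)):
        l, r = r ^ _round(key, tweak, rnd, l), l
    return (l << HALF) | r

def xor_all(blocks):
    return reduce(xor, blocks, 0)

# OCB-style encryption whose tag is the encrypted plaintext checksum (PCC).
def pcc_encrypt(key, nonce, blocks):
    cipher = [tbc_enc(key, (nonce, i), m) for i, m in enumerate(blocks, 1)]
    tag = tbc_enc(key, ("tag", nonce, len(blocks)), xor_all(blocks))
    return cipher, tag

def pcc_decrypt_rup(key, nonce, cipher):
    """RUP decryption: hands back the plaintext without looking at any tag."""
    return [tbc_dec(key, (nonce, i), c) for i, c in enumerate(cipher, 1)]

def pcc_verify(key, nonce, cipher, tag):
    blocks = pcc_decrypt_rup(key, nonce, cipher)
    return tbc_enc(key, ("tag", nonce, len(cipher)), xor_all(blocks)) == tag

def solve_gf2(vectors, target):
    """Bitmask of a subset of `vectors` XORing to `target`, or None if
    `target` lies outside their span (Gaussian elimination over GF(2))."""
    basis = {}                              # leading bit -> (vector, index mask)
    for idx, vec in enumerate(vectors):
        mask = 1 << idx
        while vec:
            lead = vec.bit_length() - 1
            if lead not in basis:
                basis[lead] = (vec, mask)
                break
            vec, mask = vec ^ basis[lead][0], mask ^ basis[lead][1]
    mask = 0
    while target:
        lead = target.bit_length() - 1
        if lead not in basis:
            return None
        target, mask = target ^ basis[lead][0], mask ^ basis[lead][1]
    return mask

def int_rup_forgery(encrypt_oracle, rup_decrypt_oracle, nonce, rng, m=N_BITS + 8):
    """Nonce-respecting INT-RUP forgery: one encryption query fixes checksum
    Sigma and tag T; two unverified decryptions of random m-block ciphertexts
    give two plaintext candidates per position, so the checksum of any
    mix-and-match ciphertext is GF(2)-linear in the choice bits."""
    msg = [rng.getrandbits(N_BITS) for _ in range(m)]
    honest_c, tag = encrypt_oracle(nonce, msg)        # the single encryption query
    sigma = xor_all(msg)
    def fresh(i):                                      # any block except the honest C_i
        c = rng.getrandbits(N_BITS)
        return c ^ 1 if c == honest_c[i] else c
    dec_queries = 0
    while True:                 # n+8 diffs span GF(2)^n with high probability; retry otherwise
        c0 = [fresh(i) for i in range(m)]
        c1 = [fresh(i) for i in range(m)]
        p0, p1 = rup_decrypt_oracle(nonce, c0), rup_decrypt_oracle(nonce, c1)
        dec_queries += 2
        choice = solve_gf2([a ^ b for a, b in zip(p0, p1)], sigma ^ xor_all(p0))
        if choice is not None:
            forged = [c1[i] if choice >> i & 1 else c0[i] for i in range(m)]
            return forged, tag, honest_c, dec_queries

def run_demo(seed=1):
    rng = random.Random(seed)
    key = bytes(rng.getrandbits(8) for _ in range(16))   # constructed key and nonce
    nonce = rng.getrandbits(64)
    forged, tag, honest, dec_queries = int_rup_forgery(
        lambda n, m: pcc_encrypt(key, n, m),
        lambda n, c: pcc_decrypt_rup(key, n, c), nonce, rng)
    return {"forgery_accepted": pcc_verify(key, nonce, forged, tag),
            "is_new_ciphertext": forged != honest, "dec_queries": dec_queries}
```

Calling run_demo() returns a forgery that pcc_verify accepts, built from ciphertext blocks that never came out of the encryption oracle, after two decryption queries in the typical case. The forgery never needs the key: the RUP oracle exposes the per-position plaintexts, and because the tag depends on them only through an XOR checksum, choosing one of two candidate blocks per position turns "hit the honest checksum" into a linear system over GF(2). That step works for any tag of this shape, which is the generic PCC weakness the abstract states; the intermediate-checksum (IC) tag of OCB-IC is the paper's answer to it.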
Pages: 147-166
Page count: 20
Related papers
28 items (first 10 listed)
[1] AlFardan, N.J., Paterson, K.G.: Lucky Thirteen: Breaking the TLS and DTLS Record Protocols. 2013 IEEE Symposium on Security and Privacy (SP), pp. 526-540.
[2] Alomair, B.: Applied Cryptography and Network Security, Proceedings of the 10th International Conference (ACNS 2012), p. 84. DOI 10.1007/978-3-642-31284-7_6.
[3] Andreeva, E.: Lecture Notes in Computer Science, vol. 8873, p. 105 (2014). DOI 10.1007/978-3-662-45611-8_6.
[4] Andreeva, E.: Lecture Notes in Computer Science, vol. 8269, p. 424 (2013). DOI 10.1007/978-3-642-42033-7_22.
[5] [Anonymous]: Proceedings of the 8th ACM Conference on Computer and Communications Security (2001).
[6] [Anonymous]: NIST Special Publication 800-38D (2007).
[7] Bellare, M.: Advances in Cryptology - EUROCRYPT '97, International Conference on the Theory and Application of Cryptographic Techniques, Proceedings, p. 163 (1997).
[8] Bellare, M.: Lecture Notes in Computer Science, vol. 1976, p. 531 (2000).
[9] Bogdanov, A., Mendel, F., Regazzoni, F., Rijmen, V., Tischhauser, E.: ALE: AES-Based Lightweight Authenticated Encryption. Fast Software Encryption (FSE 2013), LNCS vol. 8424, pp. 447-466 (2014).
[10] Canvel, B.: Lecture Notes in Computer Science, vol. 2729, p. 583 (2003).