On rate-1 and beyond-the-birthday bound secure online ciphers using tweakable block ciphers
Recently, Andreeva et al. showed that online ciphers are actually equivalent to arbitrary tweak length (ATL) tweakable block ciphers (TBCs). Within this result they gave a security preserving generic conversion from ATL TBCs to online ciphers. XTX by Minematsu and Iwata is a nice way of extending th...
Saved in:
Published in: | Cryptography and communications 2018-09, Vol.10 (5), p.731-753 |
---|---|
Main authors: | Jha, Ashwin; Nandi, Mridul |
Format: | Article |
Language: | eng |
Subjects: | |
Online access: | Full text |
container_end_page | 753 |
---|---|
container_issue | 5 |
container_start_page | 731 |
container_title | Cryptography and communications |
container_volume | 10 |
creator | Jha, Ashwin; Nandi, Mridul |
description | Recently, Andreeva et al. showed that online ciphers are actually equivalent to arbitrary tweak length (ATL) tweakable block ciphers (TBCs). Within this result they gave a security preserving generic conversion from ATL TBCs to online ciphers. XTX by Minematsu and Iwata is a nice way of extending the tweak space of any fixed tweak length (FTL) TBC using a pAXU hash function. By combining the previous two methods one can get a FTL TBC based online cipher with security in the order of $\sigma^2 \varepsilon$, where $\sigma$ is the total number of blocks in all queries, and $\varepsilon$ is the pAXU bound of the underlying hash function. In this paper we show that there are genuine practical issues which render it almost impossible to get full security using this approach. We then observe that a recent online enciphering scheme called POEx by Forler et al. is actually an implicit example of this approach. We show a flaw in the analysis of POEx which results in a birthday bound attack and invalidates the beyond-the-birthday bound OSPRP security claim. We take a slightly different approach than the one just mentioned and propose XTC which achieves OSPRP security of $O(\max(n\sigma 2^{-n}, \sigma^2 2^{-(n+t)}))$, where $t$ is the tweak size and $n$ is the block size. While doing so we present an impossibility result for $t > n$ which can be of independent interest. |
doi_str_mv | 10.1007/s12095-017-0275-0 |
format | Article |
fulltext | fulltext |
identifier | ISSN: 1936-2447 |
ispartof | Cryptography and communications, 2018-09, Vol.10 (5), p.731-753 |
issn | 1936-2447; 1936-2455 |
language | eng |
recordid | cdi_proquest_journals_2043795509 |
source | SpringerLink Journals - AutoHoldings |
subjects | Circuits; Coding and Information Theory; Communications Engineering; Computer Science; Data Structures and Information Theory; Encryption; Information and Communication; Mathematics of Computing; Networks; Security; Special Issue on Statistics in Design and Analysis of Symmetric Ciphers |
title | On rate-1 and beyond-the-birthday bound secure online ciphers using tweakable block ciphers |
url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-13T23%3A35%3A26IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=On%20rate-1%20and%20beyond-the-birthday%20bound%20secure%20online%20ciphers%20using%20tweakable%20block%20ciphers&rft.jtitle=Cryptography%20and%20communications&rft.au=Jha,%20Ashwin&rft.date=2018-09-01&rft.volume=10&rft.issue=5&rft.spage=731&rft.epage=753&rft.pages=731-753&rft.issn=1936-2447&rft.eissn=1936-2455&rft_id=info:doi/10.1007/s12095-017-0275-0&rft_dat=%3Cproquest_cross%3E2043795509%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2043795509&rft_id=info:pmid/&rfr_iscdi=true |