Double ciphertext mode: a proposal for secure backup

Security of data stored on bulk storage devices such as hard disks has become increasingly important. Among the variety of paradigms available for disk encryption, low-level disk encryption is well accepted because of the strong security guarantees it provides. In this paper, we view the problem of disk encryption from a different direction. We explore how one can maintain secure backups of data such that the loss of a physical device means neither loss of the data nor disclosure of the data to an adversary. We propose an efficient solution to this problem through a new cryptographic scheme which we call the double ciphertext mode (DCM). We describe the syntax of DCM, define security for it, and give some efficient constructions. Moreover, we argue for the suitability of DCM for the secure backup application.
