Incremental Unforgeable Encryption

The recent selection of the AES block cipher to replace DES has generated interest in developing new modes of operation to supplement the modes defined as part of the DES standard [1,16,23]. We initiate the study of modes of encryption which are both incremental and unforgeable, and point out a number of applications for modes meeting these requirements. We also propose three specific modes achieving these goals, and discuss the strengths and weaknesses of each.

[1] Mihir Bellare, et al. Encode-Then-Encipher Encryption: How to Exploit Nonces or Redundancy in Plaintexts for Efficient Cryptography, 2000, ASIACRYPT.

[2] Shai Halevi, et al. An observation regarding Jutla's modes of operation, 2001, IACR Cryptol. ePrint Arch.

[3] Mihir Bellare, et al. Incremental Cryptography: The Case of Hashing and Signing, 1994, CRYPTO.

[4] Mihir Bellare, et al. The Security of Cipher Block Chaining, 1994, CRYPTO.

[5] Virgil D. Gligor, et al. Fast Encryption and Authentication: XCBC Encryption and XECB Authentication Modes, 2001, FSE.

[6] Chanathip Namprempre, et al. Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm, 2000, ASIACRYPT.

[7] Michael Luby, et al. Pseudorandomness and cryptographic applications, 1996, Princeton computer science notes.

[8] Marc Fischlin. Lower bounds for the signature size of incremental schemes, 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[9] Jonathan Katz, et al. Unforgeable Encryption and Chosen Ciphertext Secure Modes of Operation, 2000, FSE.

[10] Daniele Micciancio, et al. Oblivious data structures: applications to cryptography, 1997, STOC '97.

[11] Mihir Bellare, et al. Incremental cryptography and application to virus protection, 1995, STOC '95.

[12] Marc Fischlin. Incremental Cryptography and Memory Checkers, 1997, EUROCRYPT.

[13] Silvio Micali, et al. How to construct random functions, 1986, JACM.

[14] Jonathan Katz, et al. Complete characterization of security notions for probabilistic private-key encryption, 2000, STOC '00.

[15] Charanjit S. Jutla. Encryption Modes with Almost Free Message Integrity, 2001, EUROCRYPT.

[16] Matt Blaze, et al. A cryptographic file system for UNIX, 1993, CCS '93.

[17] Mihir Bellare, et al. A New Paradigm for Collision-Free Hashing: Incrementality at Reduced Cost, 1997, EUROCRYPT.

[18] Mihir Bellare, et al. A concrete security treatment of symmetric encryption, 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.