Breaking the IOC Authenticated Encryption Mode

In this paper we cryptanalyse a block cipher mode of operation, called Input Output Chaining (IOC), designed by Recacha and submitted to NIST in 2013 for consideration as a lightweight authenticated encryption mode. We present an existential forgery attack against IOC which makes only one chosen message query, runs in a small constant time, and succeeds with an overwhelming probability 1 - 3 × 2− n , where n is the block length of the underlying block cipher. Therefore, this attack fully breaks the integrity of IOC.

[1]  Bart Preneel,et al.  Cryptographic Primitives for Information Authentication - State of the Art , 1997, State of the Art in Applied Cryptography.

[2]  Chris J. Mitchell Analysing the IOBC Authenticated Encryption Mode , 2013, ACISP.

[3]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[4]  Gerhard Goos,et al.  Fast Software Encryption , 2001, Lecture Notes in Computer Science.

[5]  Gerhard Goos,et al.  State of the Art in Applied Cryptography , 1998, Lecture Notes in Computer Science.

[6]  Jonathan Katz,et al.  Unforgeable Encryption and Chosen Ciphertext Secure Modes of Operation , 2000, FSE.

[7]  Information Security and Privacy , 1996, Lecture Notes in Computer Science.

[8]  Phillip Rogaway,et al.  The Software Performance of Authenticated-Encryption Modes , 2011, FSE.

[9]  Chanathip Namprempre,et al.  Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm , 2000, Journal of Cryptology.

[10]  Dan Boneh,et al.  Advances in Cryptology - CRYPTO 2003 , 2003, Lecture Notes in Computer Science.

[11]  Serge Vaudenay,et al.  Security Flaws Induced by CBC Padding - Applications to SSL, IPSEC, WTLS , 2002, EUROCRYPT.

[12]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[13]  Serge Vaudenay,et al.  Password Interception in a SSL/TLS Channel , 2003, CRYPTO.

[14]  Mihir Bellare,et al.  Encode-Then-Encipher Encryption: How to Exploit Nonces or Redundancy in Plaintexts for Efficient Cryptography , 2000, ASIACRYPT.

[15]  Aggelos Kiayias,et al.  Traitor Tracing with Constant Transmission Rate , 2002, EUROCRYPT.

[16]  Tatsuaki Okamoto,et al.  Advances in Cryptology — ASIACRYPT 2000 , 2000, Lecture Notes in Computer Science.

[17]  John T. Kohl The use of Encryption in Kerberos for Network Authentication , 1989, CRYPTO.

[18]  Chris J. Mitchell Cryptanalysis of Two Variants of PCBC Mode When Used for Message Integrity , 2005, ACISP.