Integrity-Aware PCBC Encryption Schemes

Traditional encryption schemes, such as Cipher Block Chaining (CBC), are unable to detect integrity violations caused by adaptive chosen-message (i.e., chosen-plaintext and ciphertext) attacks when used with typical non-cryptographic Manipulation Detection Code (MDC) functions, such as bitwise exclusive-or, modular addition, CRC-32, and quadratic checksums. In this paper, we define secure Plaintext-Ciphertext Block Chaining (PCBC) schemes that detect such violations at a low performance cost, thereby preserving both message secrecy and integrity against chosen-message attacks. We present the salient properties of these schemes, their security, and preliminary performance measurements.
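As an added illustration (not code from the paper), the Python below contrasts CBC chaining with classic PCBC chaining when the non-cryptographic bitwise-XOR MDC the abstract names is appended as a final plaintext block. The 4-round Feistel cipher built from HMAC-SHA256, the key, IV and message are all constructed stand-ins for a real block cipher and real data, and the chaining equations are the textbook CBC/PCBC ones, not the paper's own secure PCBC variants.

```python
import hmac, hashlib
from functools import reduce

BLOCK = 16  # toy 128-bit block; the Feistel halves are 64 bits each

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))
def _f(key, rnd, half):  # Feistel round function: HMAC-SHA256 cut to a half block
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:BLOCK // 2]

def enc_block(key, blk):  # 4-round Feistel: a constructed stand-in for a real cipher
    l, r = blk[:BLOCK // 2], blk[BLOCK // 2:]
    for i in range(4):
        l, r = r, xor(l, _f(key, i, r))
    return l + r

def dec_block(key, blk):  # inverse of enc_block (Feistel rounds run backwards)
    l, r = blk[:BLOCK // 2], blk[BLOCK // 2:]
    for i in reversed(range(4)):
        l, r = xor(r, _f(key, i, l)), l
    return l + r

def xor_mdc(blocks):  # the non-cryptographic MDC named in the abstract
    return reduce(xor, blocks, bytes(BLOCK))

def encrypt(key, iv, blocks, mode):
    # The MDC is appended as the last plaintext block, then the blocks are chained:
    #   CBC : C_i = E(P_i ^ C_{i-1})       PCBC: C_i = E(P_i ^ P_{i-1} ^ C_{i-1})
    out, prev_c, prev_p = [], iv, bytes(BLOCK)
    for p in list(blocks) + [xor_mdc(blocks)]:
        out.append(enc_block(key, xor(p, prev_c if mode == "cbc" else xor(prev_p, prev_c))))
        prev_c, prev_p = out[-1], p
    return out

def decrypt(key, iv, cblocks, mode):
    # Returns (message blocks, mdc_ok); a receiver must discard the message if not ok.
    out, prev_c, prev_p = [], iv, bytes(BLOCK)
    for c in cblocks:
        p = xor(dec_block(key, c), prev_c if mode == "cbc" else xor(prev_p, prev_c))
        out.append(p)
        prev_c, prev_p = c, p
    return out[:-1], out[-1] == xor_mdc(out[:-1])

def flip_and_count(key, iv, blocks, mode, idx):
    # Flip one ciphertext bit in block idx; return (changed message blocks, mdc_ok).
    ct = encrypt(key, iv, blocks, mode)
    ct[idx] = xor(ct[idx], b"\x80" + bytes(BLOCK - 1))
    pt, ok = decrypt(key, iv, ct, mode)
    return sum(a != b for a, b in zip(pt, blocks)), ok
KEY, IV = b"constructed-key!", bytes(range(BLOCK))           # constructed sample values
MSG = [bytes([c]) * BLOCK for c in (0x41, 0x42, 0x43, 0x44)]  # four constructed blocks
```

With a single flipped ciphertext bit, CBC confines the damage to blocks idx and idx+1 while PCBC carries it into every later block, so in PCBC the appended MDC block is always disturbed and the check fails. This shows only the error-propagation property; the abstract's point is that an adversary who chooses the modifications (not random noise) can defeat CBC with such an MDC, which is what the paper's secure PCBC schemes are designed to prevent.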
