HTEE: An HMAC based Tamper Evident Encryption

This paper presents a HMAC based Temper Evident Encryption (HTEE) technique for providing confidentiality and integrity of numeric data in a database environment through an encryption scheme based on the keyed Hash Message Authentication Code (HMAC) function. The encryption scheme implemented in this project extends and improves an existing HMAC based encryption scheme. The result is a symmetric encryption process which detects unauthorized updates to ciphertext data, verifies integrity and provides confidentiality. This encryption scheme provides an alternative to standard approaches that offer confidentiality and integrity of data such as combining the Advanced Encryption Standard (AES) algorithm with a hash digest. The purpose of the scheme is to provide a straightforward and efficient encryption that supports data integrity, to investigate the use of HMAC for reversible encryption and key transformation, and to improve upon an existing method.

[1]  Yu Sasaki A Full Key Recovery Attack on HMAC-AURORA-512 , 2009, IACR Cryptol. ePrint Arch..

[2]  G. Sassatelli,et al.  How to Add the Integrity Checking Capability to Block Encryption Algorithms , 2006, 2006 Ph.D. Research in Microelectronics and Electronics.

[3]  Yongdae Kim,et al.  Securing distributed storage: challenges, techniques, and systems , 2005, StorageSS '05.

[5]  Scott Contini,et al.  Forgery and Partial Key-Recovery Attacks on HMAC and NMAC Using Hash Collisions , 2006, ASIACRYPT.

[6]  William Stallings,et al.  Cryptography and network security , 1998 .

[7]  Erez Zadok,et al.  Ensuring data integrity in storage: techniques and applications , 2005, StorageSS '05.

[8]  Sung Min Lee,et al.  How to Construct a New Encryption Scheme Supporting Range Queries on Encrypted Database , 2008 .

[9]  Gaëtan Leurent,et al.  Full Key-Recovery Attacks on HMAC/NMAC-MD4 and NMAC-MD5 , 2007, CRYPTO.

[10]  Sung Min Lee,et al.  How to Construct a New Encryption Scheme Supporting Range Queries on Encrypted Database , 2007, 2007 International Conference on Convergence Information Technology (ICCIT 2007).

[11]  Richard T. Snodgrass,et al.  Forensic analysis of database tampering , 2008, TODS.

[12]  Jongsung Kim,et al.  On the Security of HMAC and NMAC Based on HAVAL, MD4, MD5, SHA-0 and SHA-1 (Extended Abstract) , 2006, SCN.

[13]  Lionel Torres,et al.  PE-ICE: Parallelized Encryption and Integrity Checking Engine , 2006, 2006 IEEE Design and Diagnostics of Electronic Circuits and systems.

[14]  Hugo Krawczyk,et al.  Keying Hash Functions for Message Authentication , 1996, CRYPTO.