
ASC-1: an authenticated encryption stream cipher. (English) Zbl 1292.94083
Miri, Ali (ed.) et al., Selected areas in cryptography. 18th international workshop, SAC 2011, Toronto, ON, Canada, August 11–12, 2011. Revised selected papers. Berlin: Springer (ISBN 978-3-642-28495-3/pbk). Lecture Notes in Computer Science 7118, 356-372 (2012).
Summary: The goal of the modes of operation for authenticated encryption is to achieve faster encryption and message authentication by performing both the encryption and the message authentication in a single pass, as opposed to the traditional encrypt-then-MAC approach, which requires two passes. Unfortunately, the use of a block cipher as a building block limits the performance of such authenticated encryption schemes to at most one message block per block cipher evaluation.
In this paper, we propose the authenticated encryption scheme ASC-1 (Authenticating Stream Cipher One). Similarly to LEX, ASC-1 uses leak extraction from different AES rounds to compute the key material that is XOR-ed with the message to produce the ciphertext. Unlike LEX, ASC-1 operates in a CFB fashion to compute an authentication tag over the encrypted message. We argue that ASC-1 is secure by reducing its (IND-CCA, INT-CTXT) security to the problem of distinguishing the case where the round keys are uniformly random from the case where the round keys are generated by a key scheduling algorithm.
For the entire collection see [Zbl 1234.94005].
Reviewer: Reviewer (Berlin)

94A60 Cryptography