A Note on NSA’s Dual Counter Mode of Encryption
Authors
Abstract
We show that both variants of the Dual Counter Mode of encryption (DCM) submitted for consideration as an AES mode of operation to NIST by M. Boyle and C. Salter of the NSA are insecure with respect to both secrecy and integrity in the face of chosen-plaintext attacks. We argue that DCM cannot be easily changed to satisfy its stated performance goal and be secure. Hence repairing DCM does not appear worthwhile.
Related references
Fractal Bandpass Filter Using Y-shaped Dual-Mode Resonator for C-Band Receiver (Research Note)
In this study, a fractal, Y-shaped dual-mode resonator bandpass filter (BPF) with input-output cross-coupling is introduced. A parallel-coupling feed structure with a cross coupling has been used to generate two transmission zeroes (TZs) near the lower and upper cutoff frequency that can effectively improve the passband edge selectivity. Also, a fractal shaped based on conventional diamond and ...
Authentication Failures in NIST version of GCM
In this note, we study the security of the Galois/Counter mode authenticated encryption recently published by NIST. We show how an adversary can recover the secret key of the keyed hash function underlying the authentication, using a chosen IV attack. Once this secret key is known, the encryption mode is no longer authenticated. As a consequence, all chosen ciphertext attacks against the conf...
GCM, GHASH and Weak Keys
The Galois/Counter Mode (GCM) of operation has been standardized by NIST to provide single-pass authenticated encryption. The GHASH authentication component of GCM belongs to a class of Wegman-Carter polynomial universal hashes that operate in the field GF (2). GCM uses the same block cipher key K to both encrypt data and to derive the generator H of the authentication polynomial. In present li...
Modified Sliding-Mode Control Method for Synchronization a Class of Chaotic Fractional-Order Systems with Application in Encryption
In this study, we propose a secure communication scheme based on the synchronization of two identical fractional-order chaotic systems. The fractional-order derivative is in Caputo sense, and for synchronization, we use a robust sliding-mode control scheme. The designed sliding surface is taken simply due to using special technic for fractional-order systems. Also, unlike most manuscripts, the ...
Implementing GCM on ARMv8
The Galois/Counter Mode is an authenticated encryption scheme which is included in protocols such as TLS and IPSec. Its implementation requires multiplication over a binary finite field, an operation which is costly to implement in software. Recent processors have included instructions aimed to speed up binary polynomial multiplication, an operation which can be used to implement binary field m...