A Parallelizable Enciphering Mode
نویسندگان
چکیده
We describe a block-cipher mode of operation, EME, that turns an n-bit block cipher intoa tweakable enciphering scheme that acts on strings of mn bits, where m ∈ [1..n]. The mode isparallelizable, but as serial-efficient as the non-parallelizable mode CMC [6]. EME can be usedto solve the disk-sector encryption problem. The algorithm entails two layers of ECB encryptionand a “lightweight mixing” in between. We prove EME secure, in the reduction-based sense ofmodern cryptography. We motivate some of the design choices in EME by showing that a fewsimple modifications of this mode are insecure.
منابع مشابه
Tweakable Enciphering Modes for Sector-Level Encryption
We describe block-cipher modes of operation that turn an n-bit block cipher into a tweakable enciphering scheme that acts on sectors of mn bits, where m ≥ 2. When the underlying block cipher is secure in the sense of a strong pseudorandom permutation (PRP) our schemes are secure in the sense of variableinput-length, tweakable, strong PRP. Such an object can be used to encipher the sectors of a ...
متن کاملAEZ v3: Authenticated Encryption by Enciphering
AEZ encrypts by appending to the plaintext a fixed authentication block and then enciphering the resulting string with an arbitrary-input-length blockcipher, this tweaked by the nonce and AD. The approach results in strong security and usability properties, including nonce-reuse misuse resistance, automatic exploitation of decryption-verified redundancy, and arbitrary, userselectable ciphertext...
متن کاملAEZ v5: Authenticated Encryption by Enciphering
AEZ encrypts by appending to the plaintext a fixed authentication block and then enciphering the resulting string with an arbitrary-input-length blockcipher, this tweaked by the nonce and AD. The approach results in strong security and usability properties, including nonce-reuse misuse resistance, automatic exploitation of decryption-verified redundancy, and arbitrary, userselectable ciphertext...
متن کاملAEZ v4.1: Authenticated Encryption by Enciphering
AEZ encrypts by appending to the plaintext a fixed authentication block and then enciphering the resulting string with an arbitrary-input-length blockcipher, this tweaked by the nonce and AD. The approach results in strong security and usability properties, including nonce-reuse misuse resistance, automatic exploitation of decryption-verified redundancy, and arbitrary, userselectable ciphertext...
متن کاملAEZ v1: Authenticated-Encryption by Enciphering
AEZ encrypts by appending to the plaintext a fixed authentication block and then enciphering the resulting string with an arbitrary-input-length blockcipher, this tweaked by the nonce and AD. The approach results in strong security and usability properties, including nonce-reuse security, automatic exploitation of decryption-verified redundancy, and arbitrary, user-selectable length expansion. ...
متن کامل