HBS: A Single-Key Mode of Operation for Deterministic Authenticated Encryption
نویسندگان
چکیده
We propose the HBS (Hash Block Stealing) mode of operation. This is the first single-key mode that provably achieves the goal of providing deterministic authenticated encryption. The authentication part of HBS utilizes a newly-developed, vector-input polynomial hash function. The encryption part uses a blockcipher-based, counter-like mode. These two parts are combined in such a way as the numbers of finite-field multiplications and blockcipher calls are minimized. Specifically, for a header of h blocks and a message of m blocks, the HBS algorithm requires just h +m + 2 multiplications in the finite field and m + 2 calls to the blockcipher. Although the HBS algorithm is fairly simple, its security proof is rather complicated.
منابع مشابه
RFC 5297 SIV - AES October 2008
This memo describes SIV (Synthetic Initialization Vector), a block cipher mode of operation. SIV takes a key, a plaintext, and multiple variable-length octet strings that will be authenticated but not encrypted. It produces a ciphertext having the same length as the plaintext and a synthetic initialization vector. Depending on how it is used, SIV achieves either the goal of deterministic authen...
متن کاملRandom Key Chaining (RKC): AES Mode of Operation
There is a compelling need for a mode of operation that can efficiently provide authenticated encryption at a higher data rate, and is capable of making use of pipelining and parallel processing. This paper describes Random Key Chaining (RKC) block cipher mode of operation that fills this need. RKC mode makes use of Deterministic Random Bit Generator (DRBG) and with the application of DRBG ever...
متن کاملPatent-Free Authenticated-Encryption As Fast As OCB
This paper presents an efficient authenticated encryption construction based on a universal hash function and block cipher. Encryption is achieved via counter-mode while authentication uses the Wegman-Carter paradigm. A single block-cipher key is used for both operations. The construction is instantiated using the hash functions of UMAC and VMAC, resulting in authenticated encryption with peak ...
متن کاملArtemia: a family of provably secure authenticated encryption schemes
Authenticated encryption schemes establish both privacy and authenticity. This paper specifies a family of the dedicated authenticated encryption schemes, Artemia. It is an online nonce-based authenticated encryption scheme which supports the associated data. Artemia uses the permutation based mode, JHAE, that is provably secure in the ideal permutation model. The scheme does not require the in...
متن کاملThe Low-Call Diet: Authenticated Encryption for Call Counting HSM Users
We present a new mode of operation for obtaining authenticated encryption suited for use in banking and government environments where cryptographic services are only available via a Hardware Security Module (HSM) which protects the keys but offers a limited API. The practical problem is that despite the existence of better modes of operation, modern HSMs still provide nothing but a basic (unaut...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2009