The Security of Cipher Block Chaining
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
A Concrete Security Treatment of Symmetric Encryption
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
The sum of PRPs is a secure PRF
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
New blockcipher modes of operation with beyond the birthday bound security
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Authenticated encryption mode for beyond the birthday bound security
AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology
| Hi-index | 0.00 |
Given a PRP defined over {0, 1}n, we describe a new generic and efficient method to obtain modes of operation with a security level beyond the birthday bound 2n/2. These new modes, named NEMO (for New Encryption Modes of Operation), are based on a new contribution to the problem of transforming a PRP into a PRF. According to our approach, any generator matrix of a linear code of minimal distance d, d ≥ 1, can be used to design a PRF with a security of order 2dn/(d+1). Such PRFs can be used to obtain NEMO, the security level of which is of the same order (2dn/(d+1)). In particular, the well-known counter mode becomes a particular case when considering the identity linear code (of minimal distance d = 1) and the mode of operation CENC [7] corresponds to the case of the the parity check linear code of minimal distance d = 2. Any other generator matrix leads to a new PRF and a new mode of operation. We give an illustrative example using d = 4 which reaches the security level 24n/5 with a computation overhead less than 4% in comparison to the counter mode.