On the (in)security of two Joint Encryption and Error Correction schemes

  • Authors:

  • Qi Chai;Guang Gong

  • Affiliations:

  • Department of Electrical and Computer Engineering, University of Waterloo, Waterloo, Ontario N2L 3G1, Canada.;Department of Electrical and Computer Engineering, University of Waterloo, Waterloo, Ontario N2L 3G1, Canada

  • Venue:
  • International Journal of Security and Networks
  • Year:
  • 2011

Quantified Score

Hi-index 0.00

Visualization

Abstract

Joint Encryption and Error Correction (JEEC) is proposed to combine encoding/encryption as one process to boost more compact implementations. In this paper, we provide rigorous investigation on the security of two JECC schemes, namely ECBC and SECC. For ECBC, we found a 3-stage differential-like attack, which breaks it with O(k × 2deg(f) + 2k) effort, where deg(f) is the degree of the core cryptographic function f and k is the block length. For SECC, we found a similar attack of complexity O(k × 2k+1). Additionally, we exhibit that f used in ECBC is particularly vulnerable, which allows the secret matrix to be recovered in O(1). To mitigate this vulnerability, we propose a secure-yet-lightweight construction of f. Finally, the core part of our attack has been implemented. Experimental results confirm that the original implementation of ECBC can be broken in constant time (<0.4 s) regardless of k, whereas the ECBC enhanced by our proposed f can withstand this attack to the maximum extent.