The Order of Encryption and Authentication for Protecting Communications (or: How Secure Is SSL?). CRYPTO '01, Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology.
CRYPTO '02, Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology.
Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm. ASIACRYPT '00, Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology.
ACM Transactions on Information and System Security (TISSEC).
Attacking the IPsec Standards in Encryption-only Configurations. SP '07, Proceedings of the 2007 IEEE Symposium on Security and Privacy.
Immunising CBC Mode Against Padding Oracle Attacks: A Formal Security Treatment. SCN '08, Proceedings of the 6th International Conference on Security and Cryptography for Networks.
Plaintext Recovery Attacks against SSH. SP '09, Proceedings of the 2009 30th IEEE Symposium on Security and Privacy.
Blockwise-adaptive chosen-plaintext attack and online modes of encryption. Cryptography and Coding '07, Proceedings of the 11th IMA International Conference on Cryptography and Coding.
On hiding a plaintext length by preencryption. ACNS '11, Proceedings of the 9th International Conference on Applied Cryptography and Network Security.
Blockwise adversarial model for on-line ciphers and symmetric encryption schemes. SAC '04, Proceedings of the 11th International Conference on Selected Areas in Cryptography.
Plaintext-Dependent decryption: a formal security treatment of SSH-CTR. EUROCRYPT '10, Proceedings of the 29th Annual International Conference on Theory and Applications of Cryptographic Techniques.
Tag size does matter: attacks and proofs for the TLS record protocol. ASIACRYPT '11, Proceedings of the 17th International Conference on the Theory and Application of Cryptology and Information Security.
An analysis of the EMV channel establishment protocol. Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security.
In recent years, a number of standardized symmetric encryption schemes have fallen foul of attacks exploiting the fact that in some real-world scenarios ciphertexts can be delivered in a fragmented fashion. We initiate the first general and formal study of the security of symmetric encryption against such attacks. We extend the SSH-specific work of Paterson and Watson (Eurocrypt 2010) to develop security models for the fragmented setting. We also develop security models to formalize the additional desirable properties of ciphertext boundary hiding and robustness against Denial-of-Service (DoS) attacks for schemes in this setting. We illustrate the utility of each of our models via efficient constructions for schemes using only standard cryptographic components, including constructions that simultaneously achieve confidentiality, ciphertext boundary hiding and DoS robustness.
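The fragmented setting the abstract refers to can be made concrete with a small model of a receiver that is handed ciphertext in arbitrary pieces and must decide, piece by piece, whether a message is complete. The Python below is an added illustration, not code from the paper and not the code of SSH, TLS or any other protocol; its two toy schemes are my own and do not reproduce the paper's constructions. A length-first scheme encrypts a 2-byte length field ahead of the message, so the receiver has to act on a decrypted but not yet authenticated length to know where the message ends; a chunked scheme encrypts and MACs fixed-size segments that carry an encrypted last-segment flag, so every segment is verified as soon as it is complete. An HMAC-SHA256 counter-mode keystream stands in for a block cipher, the keys are constructed test values, and the names `lf_encrypt`, `LengthFirstDecryptor`, `ch_encrypt`, `ChunkedDecryptor`, `deliver` and `error_position` are assumptions of this example. Delivering the ciphertext one byte at a time to each receiver exposes the two properties named in the abstract: with the length-first receiver, a corrupted byte produces the error exactly at the end of the message that contains it, so an active adversary learns the message boundary from the receiver's behaviour, and garbage keeps the receiver buffering for as many bytes as the bogus length field says; the chunked receiver rejects after one fixed-size segment in both cases.

```python
# Added illustration of decryption under ciphertext fragmentation. Not the paper's construction and
# not any real protocol's code: HMAC-SHA256 stands in for a block cipher and the keys are test values.
import hashlib
import hmac
import struct

TAG_LEN = 16
CHUNK = 16
SEG_LEN = 2 + CHUNK + TAG_LEN                    # fixed wire size of one chunked segment
KE, KM = bytes(range(32)), bytes(range(32, 64))  # constructed encryption / MAC keys (use a KDF in practice)

def keystream(key, nonce, n):
    """HMAC-SHA256 in counter mode as a PRF-based stream cipher (stand-in for AES-CTR)."""
    blocks = (hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
              for i in range(-(-n // 32)))
    return b"".join(blocks)[:n]

def xor(a, b): return bytes(x ^ y for x, y in zip(a, b))

def tag(key, data): return hmac.new(key, data, hashlib.sha256).digest()[:TAG_LEN]

def lf_encrypt(seq, msg):
    """Length-first scheme: E(len || msg) || MAC. The receiver finds the end only by decrypting len."""
    nonce = struct.pack(">Q", seq)
    body = xor(len(msg).to_bytes(2, "big") + msg, keystream(KE, nonce, 2 + len(msg)))
    return body + tag(KM, nonce + body)

class LengthFirstDecryptor:
    """Acts on the decrypted but not yet authenticated length field."""
    def __init__(self):
        self.seq, self.buf, self.expect = 0, bytearray(), None

    def feed(self, fragment):
        self.buf += fragment
        events = []
        while True:
            nonce = struct.pack(">Q", self.seq)
            if self.expect is None:
                if len(self.buf) < 2:
                    break
                n = int.from_bytes(xor(self.buf[:2], keystream(KE, nonce, 2)), "big")
                self.expect = 2 + n + TAG_LEN    # waits for as many bytes as the unverified field says
            if len(self.buf) < self.expect:
                break
            body, t = bytes(self.buf[:self.expect - TAG_LEN]), bytes(self.buf[self.expect - TAG_LEN:self.expect])
            del self.buf[:self.expect]
            self.expect = None
            if not hmac.compare_digest(tag(KM, nonce + body), t):
                return events + [("error", None)]
            events.append(("message", xor(body, keystream(KE, nonce, len(body)))[2:]))
            self.seq += 1
        return events

def ch_encrypt(seq, msg):
    """Chunked scheme: each segment is E(last || len || data padded to CHUNK) || MAC, always SEG_LEN bytes."""
    chunks = [msg[i:i + CHUNK] for i in range(0, len(msg), CHUNK)] or [b""]
    out = b""
    for i, ch in enumerate(chunks):
        nonce = struct.pack(">QI", seq, i)
        header = bytes([i == len(chunks) - 1, len(ch)])  # last-segment flag and payload length, both encrypted
        body = xor(header + ch.ljust(CHUNK, b"\0"), keystream(KE, nonce, 2 + CHUNK))
        out += body + tag(KM, nonce + body)
    return out

class ChunkedDecryptor:
    """Verifies every fixed-size segment as soon as it is complete; never acts on unauthenticated data."""
    def __init__(self):
        self.seq, self.idx, self.buf, self.parts = 0, 0, bytearray(), []

    def feed(self, fragment):
        self.buf += fragment
        events = []
        while len(self.buf) >= SEG_LEN:
            seg = bytes(self.buf[:SEG_LEN])
            del self.buf[:SEG_LEN]
            nonce = struct.pack(">QI", self.seq, self.idx)
            body, t = seg[:-TAG_LEN], seg[-TAG_LEN:]
            if not hmac.compare_digest(tag(KM, nonce + body), t):
                return events + [("error", None)]
            pt = xor(body, keystream(KE, nonce, len(body)))
            self.parts.append(pt[2:2 + pt[1]])
            self.idx += 1
            if pt[0]:                                # authenticated last-segment flag
                events.append(("message", b"".join(self.parts)))
                self.parts, self.idx, self.seq = [], 0, self.seq + 1
        return events

def deliver(decryptor, stream, frag_size):
    """Feed a stream in fragments; return (messages, bytes consumed when the first error fired, or None)."""
    msgs = []
    for off in range(0, len(stream), frag_size):
        for kind, data in decryptor.feed(stream[off:off + frag_size]):
            if kind == "error":
                return msgs, min(off + frag_size, len(stream))
            msgs.append(data)
    return msgs, None

def error_position(decryptor, stream, corrupt_at):
    """Flip one byte, deliver byte by byte, and report how many bytes the receiver consumed before rejecting."""
    s = bytearray(stream)
    s[corrupt_at] ^= 0x01
    return deliver(decryptor, bytes(s), 1)[1]
```

Two caveats on the toy. The chunked receiver still reveals message lengths up to segment granularity and uses a single fail-stop error, so it only sketches the boundary-hiding and DoS-robustness goals; the paper's models pin down exactly what an adversary with a fragmented decryption oracle may observe, and its constructions and proofs handle the details this sketch does not. And a real deployment would use an AEAD mode and a proper key derivation rather than the HMAC keystream and fixed keys used here.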