How to construct pseudorandom permutations from pseudorandom functions
SIAM Journal on Computing - Special issue on cryptography
Complete characterization of security notions for probabilistic private-key encryption
STOC '00 Proceedings of the thirty-second annual ACM symposium on Theory of computing
The security of the cipher block chaining message authentication code
Journal of Computer and System Sciences
OCB: a block-cipher mode of operation for efficient authenticated encryption
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
SIAM Journal on Computing
XOR MACs: New Methods for Message Authentication Using Finite Pseudorandom Functions
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Relations Among Notions of Security for Public-Key Encryption Schemes
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Integrity-Aware PCBC Encryption Schemes
Proceedings of the 7th International Workshop on Security Protocols
Fast Encryption and Authentication: XCBC Encryption and XECB Authentication Modes
FSE '01 Revised Papers from the 8th International Workshop on Fast Software Encryption
A Concrete Security Treatment of Symmetric Encryption
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
OCB: a block-cipher mode of operation for efficient authenticated encryption
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Authenticated encryption in SSH: provably fixing the SSH binary packet protocol
Proceedings of the 9th ACM conference on Computer and communications security
A key-management scheme for distributed sensor networks
Proceedings of the 9th ACM conference on Computer and communications security
On the Security of CTR + CBC-MAC
SAC '02 Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography
Single-Path Authenticated-Encryption Scheme Based on Universal Hashing
SAC '02 Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
On the Security of Joint Signature and Encryption
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Side-Channel Attacks on Symmetric Encryption Schemes: The Case for Authenticated Encryption
Proceedings of the 11th USENIX Security Symposium
OCB: A block-cipher mode of operation for efficient authenticated encryption
ACM Transactions on Information and System Security (TISSEC)
Roam, a seamless application framework
Journal of Systems and Software - Special issue: Ubiquitous computing
ACM Transactions on Information and System Security (TISSEC)
Application of synchronous dynamic encryption system in mobile wireless domains
Proceedings of the 1st ACM international workshop on Quality of service & security in wireless and mobile networks
On the Distribution and Revocation of Cryptographic Keys in Sensor Networks
IEEE Transactions on Dependable and Secure Computing
A survey of recent developments in cryptographic algorithms for smart cards
Computer Networks: The International Journal of Computer and Telecommunications Networking
Secure deletion for a versioning file system
FAST'05 Proceedings of the 4th conference on USENIX Conference on File and Storage Technologies - Volume 4
Palimpsest: soft-capacity storage for planetary-scale services
HOTOS'03 Proceedings of the 9th conference on Hot Topics in Operating Systems - Volume 9
Encryption-enforced access control in dynamic multi-domain publish/subscribe networks
Proceedings of the 2007 inaugural international conference on Distributed event-based systems
Key management and secure software updates in wireless process control environments
WiSec '08 Proceedings of the first ACM conference on Wireless network security
Password-Only Authenticated Key Exchange Between Two Agents in the Four-Party Setting
KES-AMSTA '07 Proceedings of the 1st KES International Symposium on Agent and Multi-Agent Systems: Technologies and Applications
An enhanced security architecture for wireless sensor network
DNCOCO'09 Proceedings of the 8th WSEAS international conference on Data networks, communications, computers
Real-or-random Key Secrecy of the Otway-Rees Protocol via a Symbolic Security Proof
Electronic Notes in Theoretical Computer Science (ENTCS)
Improved security analysis of XEX and LRW modes
SAC'06 Proceedings of the 13th international conference on Selected areas in cryptography
Concealment and its applications to authenticated encryption
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Provably-secure schemes for basic query support in outsourced databases
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Secure hybrid encryption from weakened key encapsulation
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
Authenticated encryption mode for beyond the birthday bound security
AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology
On the security of the CCM encryption mode and of a slight variant
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
Spread spectrum storage with mnemosyne
Future directions in distributed computing
Power of a public random permutation and its application to authenticated encryption
IEEE Transactions on Information Theory
Improving the generalized Feistel
FSE'10 Proceedings of the 17th international conference on Fast software encryption
Cryptography for network security: failures, successes and challenges
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
Authenticated and misuse-resistant encryption of key-dependent data
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
A timed calculus for wireless systems
Theoretical Computer Science
Symmetric nonce respecting security model and the MEM mode of operation
INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
New applications of time memory data tradeoffs
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
How to enhance the security of the 3GPP confidentiality and integrity algorithms
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Two-pass authenticated encryption faster than generic composition
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
HCTR: a variable-input-length enciphering mode
CISC'05 Proceedings of the First SKLOIS conference on Information Security and Cryptology
A new mode of encryption providing a tweakable strong pseudo-random permutation
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Automated security proof for symmetric encryption modes
ASIAN'09 Proceedings of the 13th Asian conference on Advances in Computer Science: information Security and Privacy
A domain extender for the ideal cipher
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Hybrid signcryption schemes with outsider security
ISC'05 Proceedings of the 8th international conference on Information Security
On the security of tweakable modes of operation: TBC and TAE
ISC'05 Proceedings of the 8th international conference on Information Security
The security and performance of the galois/counter mode (GCM) of operation
INDOCRYPT'04 Proceedings of the 5th international conference on Cryptology in India
Multi-Source stream authentication framework in case of composite MPEG-4 stream
ICICS'05 Proceedings of the 7th international conference on Information and Communications Security
Cryptographic agility and its relation to circular encryption
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
An inter-domain key agreement protocol using weak passwords
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part III
Games and the impossibility of realizable ideal functionality
TCC'06 Proceedings of the Third conference on Theory of Cryptography
PRF domain extension using DAGs
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Duplexing the sponge: single-pass authenticated encryption and other applications
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
ASC-1: an authenticated encryption stream cipher
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
Authenticated encryption: how reordering can impact performance
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
Designing the API for a cryptographic library: a misuse-resistant application programming interface
Ada-Europe'12 Proceedings of the 17th Ada-Europe international conference on Reliable Software Technologies
A cost-effective tag design for memory data authentication in embedded systems
Proceedings of the 2012 international conference on Compilers, architectures and synthesis for embedded systems
McOE: a family of almost foolproof on-line authenticated encryption schemes
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
The low-call diet: authenticated encryption for call counting HSM users
CT-RSA'13 Proceedings of the 13th international conference on Topics in Cryptology
Hi-index | 0.06 |
We describe a parallelizable block-cipher mode of operation that simultaneously provides privacy and authenticity. OCB encrypts-and-authenticates a nonempty string M &egr; {0,1} using \lceil |M|/n\rceil + 2 block-cipher invocations, where n is the block length of the underlying block cipher. Additional overhead is small. OCB refines a scheme, IAPM, suggested by Charanjit Jutla. Desirable properties of OCB include: the ability to encrypt a bit string of arbitrary length into a ciphertext of minimal length; cheap offset calculations; cheap session setup; a single underlying cryptographic key; no extended-precision addition; a nearly optimal number of block-cipher calls; and no requirement for a random IV. We prove OCB secure, quantifying the adversary's ability to violate the mode's privacy or authenticity in terms of the quality of its block cipher as a pseudorandom permutation (PRP) or as a strong PRP, respectively.