The Security of "One-Block-to-Many" Modes of Operation
نویسنده
چکیده
In this paper, we investigate the security, in the Luby-Rackoff security paradigm, of blockcipher modes of operation allowing to expand a one-block input into a longer t-block output under the control of a secret key K. Such “one-block-to-many” modes of operation are of frequent use in cryptology. They can be used for stream cipher encryption purposes, and for authentication and key distribution purposes in contexts such as mobile communications. We show that although the expansion functions resulting from modes of operation of blockciphers such as the counter mode or the output feedback mode are not pseudorandom, slight modifications of these two modes provide pseudorandom expansion functions. The main result of this paper is a detailed proof, in the Luby-Rackoff security model, that the expansion function used in the construction of the third generation mobile (UMTS) example authentication and key agreement algorithm MILENAGE is pseudorandom.
منابع مشابه
Modes of Operation of a Block Cipher
A n-bit block cipher with a k-bit key is a set of 2k bijections on n-bit strings. A block cipher is a flexible building block; it can be used for encryption and authenticated encryption, to construct MAC algorithms and hash functions. When a block cipher is used for confidentiality protection, the security goal is to prevent a passive eavesdropper with limited computational power to learn any i...
متن کاملConstruction of Stream Ciphers from Block Ciphers and their Security
With well-established encryption algorithms like DES or AES at hand, one could have the impression that most of the work for building a cryptosystem -for example a suite of algorithms for the transmission of encrypted data over the internet is already done. But the task of a cipher is very specific: to encrypt or decrypt a data block of a specified length. Given an plaintext of arbitrary length...
متن کاملIncorporating Wind Power Generation And Demand Response into Security-Constrained Unit Commitment
Wind generation with an uncertain nature poses many challenges in grid integration and secure operation of power system. One of these operation problems is the unit commitment. Demand Response (DR) can be defined as the changes in electric usage by end-use customers from their normal consumption patterns in response to the changes in the price of electricity over time. Further, DR can be also d...
متن کاملOn Some Weaknesses in the Disk Encryption Schemes EME and EME2
Tweakable enciphering schemes are a certain type of blockcipher mode of operation which provide security in the sense of a strong pseudo-random permutation. It has been proposed that these types of modes are suitable for in-place disk encryption. Currently there are many proposals available for these schemes. EME is one of the efficient candidate of this category. EME2 is a derivative of EME wh...
متن کاملAutomated Security Proof for Symmetric Encryption
We presents a compositional Hoare logic for proving semantic security of modes of operation for symmetric key block ciphers. We propose a simple programming language to specify encryption modes and an assertion language that allows to state invariants and axioms and rules to establish such invariants. The assertion language consists of few atomic predicates. We were able to use our method to ve...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2003