A Unified Method for Improving PRF Bounds for a Class of Blockcipher Based MACs
[chapter]
2010
Lecture Notes in Computer Science
This paper provides a unified framework for improving PRF (pseudorandom function) advantages of several popular MACs (message authentication codes) based on a blockcipher modeled as RP (random permutation ...
The PRF advantage of any SADE is $O(t^2/2^n)$ as we can show that $N(t,q) \le t^2$. Moreover, $N(t,q) = O(tq)$ for all members of $C$ and hence these MACs have improved advantages $O(tq/2^n)$. ...
Conclusion and Future Work We provide a unified framework for improving PRF advantages of many known blockcipher based domain extensions. ...
doi:10.1007/978-3-642-13858-4_12
fatcat:vi7vi36u2vbn3gfbilxwlhh44a
Equivalence between MAC, WCR and PRF for Blockcipher Based Constructions
[chapter]
2014
Lecture Notes in Computer Science
In FSE 2010, Nandi proved a sufficient condition of pseudorandom function (PRF) for affine domain extensions (ADE), a wide class of block cipher based domain extensions. ...
This sufficient condition is satisfied by all known blockcipher based ADE constructions, however, it is not a characterization of PRF. ...
Bellare, Pietrzak and Rogaway in [3] showed for the first time an improved bound $\ell Q^2/2^n$ for CBC-MAC. Afterwards, similar improved bounds were given for PMAC [13, 14], OMAC [16] and EMAC [20, 21]. ...
doi:10.1007/978-3-319-12475-9_21
fatcat:jhhpxz6cvngffnfcemp7o2d6ue
ZMAC: A Fast Tweakable Block Cipher Mode for Highly Secure Message Authentication
[chapter]
2017
Lecture Notes in Computer Science
We propose a new mode of operation called ZMAC that allows one to construct a (stateless and deterministic) message authentication code (MAC) from a tweakable block cipher (TBC). ...
When using a TBC with n-bit blocks and t-bit tweaks, our construction provides security (as a variable-input-length PRF) beyond the birthday bound with respect to the block-length n and allows processing ...
The authors would like to thank the anonymous reviewers of CRYPTO 2017 for their helpful comments. ...
doi:10.1007/978-3-319-63697-9_2
fatcat:ishib5ywabcspbg77dygze7cia
Hash-Function Based PRFs: AMAC and Its Multi-User Security
[chapter]
2016
Lecture Notes in Computer Science
Sponge-based PRFs, where truncation is the final step due to its already being so for the hash function, have been proven secure [17, 21, 1, 8, 10]. ...
We consider another, even simpler, candidate way, namely to change step (2) to apply a simple un-keyed output transform such as truncation. We call this AMAC, for augmented MAC. ...
Acknowledgments We thank the Eurocrypt 2016 reviewers for their comments. ...
doi:10.1007/978-3-662-49890-3_22
fatcat:7csxsiz4arh47dzijtaeaaomkq
Under Pressure: Security of Caesar Candidates beyond their Guarantees
[article]
2017
IACR Cryptology ePrint Archive
The Competition for Authenticated Encryption: Security, Applicability and Robustness (CAESAR) has as its official goal to "identify a portfolio of authenticated ciphers that offer advantages over AES-GCM ...
Rather than invalidating the security claims of any of the candidates, our results provide an additional criterion for evaluating the security that candidates deliver, which can be useful for e.g. breaking ...
We would like to thank the Ascon team for pointing out that generic attacks with the same time but much lower data complexity than our forgery exist, and the Deoxys team for suggesting a better way to ...
dblp:journals/iacr/VaudenayV17
fatcat:ewlkw53ygvdbzlnjik76x4fuga
Algorithm Substitution Attacks against Receivers
[article]
2022
IACR Cryptology ePrint Archive
We present a new class of attack that targets the decryption algorithm of an encryption scheme for symmetric encryption and public key encryption, or the verification algorithm for an authentication scheme ...
This work describes a class of Algorithm Substitution Attack (ASA) generically targeting the receiver of a communication between two parties. ...
Acknowledgements The research of Armour was supported by the EPSRC and the UK government as part of the Centre for Doctoral Training in Cyber Security at Royal Holloway, University of London (EP/P009301 ...
dblp:journals/iacr/ArmourP22
fatcat:rhlzdghjlrg5zfabfcguqnpxvu
Indifferentiable Authenticated Encryption
[chapter]
2018
Lecture Notes in Computer Science
On the positive side, we give a provably indifferentiable Feistel-based construction, which reduces the round complexity from at least 6, needed for blockciphers, to only 3 for encryption. ...
A central property of indifferentiable schemes is that they offer security with respect to a wide class of games. ...
Acknowledgments The authors would like to thank Phillip Rogaway, Martijn Stam, and Stefano Tessaro for their comments. ...
doi:10.1007/978-3-319-96884-1_7
fatcat:r7x75bhhkbfzvdbwexayieynq4
Security of Full-State Keyed Sponge and Duplex: Applications to Authenticated Encryption
[chapter]
2015
Lecture Notes in Computer Science
Our results can be used for making a large class of Sponge-based authenticated encryption schemes more efficient by concurrent absorption of associated data and message blocks. ...
The idea of using full-state message absorption for higher efficiency was first made explicit in the Donkey Sponge MAC construction, but without any formal security proof. ...
We would like to thank the ASIACRYPT reviewers for their constructive comments. We would also like to thank Joan Daemen and Gilles Van Assche for an insightful discussion. ...
doi:10.1007/978-3-662-48800-3_19
fatcat:lu6ck4fwsrgtzltbbw6l46b55i
An application layer non-repudiation wireless system: A cross-layer approach
2010
2010 IEEE International Symposium on "A World of Wireless, Mobile and Multimedia Networks" (WoWMoM)
A key aspect of Suite-B is the deployment of Elliptic Curve Cryptography (ECC). The non-repudiation aspect of this thesis is based on Suite-B's digital signature scheme, ECDSA. ...
The aim of this thesis is to consider a practical implementation and associated complexities of a non-repudiation system, including analytical and experimental testbeds and results. ...
However, using cross-layer approaches, a more unified method can be utilized where all layers operate with enhancements destined for the lower layers. ...
doi:10.1109/wowmom.2010.5534971
dblp:conf/wowmom/Adibi10
fatcat:tzhws7t5tzao7eh7qcxfn5srfy
Federated Learning is Better with Non-Homomorphic Encryption
[article]
2023
arXiv
pre-print
However, these methods have a price in the form of extra computation and memory footprint. ...
Our framework offers a way to replace HE with cheaper Classical Cryptography primitives which provides security for the training process. ...
We acknowledge two members of Peter Richtárik's Optimization and Machine Learning Laboratory, Alexander Tyurin and Egor Shulgin, for useful and insightful discussions before the start of this project. ...
arXiv:2312.02074v1
fatcat:jpzrlwsbyrfpnckeite3ew6nfm
Provably Secure Authenticated Encryption
2018
We also propose another provably secure variant of OMD called pure OMD, which enjoys a great improvement of performance over OMD. ...
Based on our findings, we formulate a new definition of online AE security under nonce-reuse, and demonstrate its feasibility. ...
This method to tweak a PRF is essentially the XE method [Rog04a], originally used to construct tweakable blockciphers. ...
doi:10.5075/epfl-thesis-8681
fatcat:lnmf4nr3xjdfzdf3l6x5dmzhia
Dagstuhl Reports, Volume 6, Issue 1, January 2016, Complete Issue
[article]
2016
For example, implementing cryptographic protocols based on research papers is very difficult for non-researchers. ...
popularization of research results for a general audience. ...
This invalidates the proofs of the PRF bounds. In ICALP'06, Pietrzak improved the bound for EMAC by showing a tight bound $O(q^2/2^n)$ under the restriction that $< 2^{n/8}$. ...
doi:10.4230/dagrep.6.1
fatcat:vq74ezrwifbkhex6twvtdzbpaa
Automated Analysis of Protocols that use Authenticated Encryption: How Subtle AEAD Differences can impact Protocol Security
2024
We provide the first automated analysis method for protocols that use AEADs that can systematically find attacks that exploit the subtleties of the specific type of AEAD used. ...
Furthermore, our analysis reveals undesirable behaviors of several other protocols based on AEAD subtleties. ...
In this paper, we extend the robustness notions FROB and eFROB for randomized AEADs to a unified notion X-FROB for nonce-based AEADs in Definition 11, where $X \subseteq (k, N, H, m)$ denotes the degree of robustness ...
doi:10.60882/cispa.25435201.v1
fatcat:337rylzy4zgznh4tr2etugszpi
LIPIcs, Volume 230, ITC 2022, Complete Volume
[article]
2022
And our scheduler matches this bound (up to a constant factor) when $b = O(1)$ and $k = O(\log q)$. We defer the proof of the theorem to Section B. ...
Acknowledgements We are thankful to Siyao Guo for clarifications regarding the known techniques for establishing lower bounds for problems in the generic group model with preprocessing. ...
It is a blockcipher-based scheme, however, instead of a conventional variable-input-length PRF (or MAC) such as CMAC, GTM uses a variant of vector-input PRF [34] that accepts an empty string as a component ...
doi:10.4230/lipics.itc.2022
fatcat:essd7vkxajblve2oviyqqe2o3e
Putting secure computation to work
2015
This dissertation presents 1) a systematization of MPC protocols that helps clarify their security and efficiency properties, 2) new, efficient protocols for access control in private databases, and 3) ...
Such protocols attempt to strike a balance between efficiency and security, often by allowing a quantified amount of leakage. ...
One trick they use reduces the size overhead of the tags by encoding the MACs in a Bloom filter, which trades strict search accuracy for space. ...
doi:10.7282/t3r213c5
fatcat:nz3zxloklzcudlcbvod33olf4y