Results

**11 - 13**of**13**### Ciphers with Arbitrary Finite Domains

, 2000

"... We introduce the problem of enciphering members of a nite set M where k = jMj is arbitrary (in particular, it need not be a power of two). We want to achieve this goal starting from a block cipher (which requires a message space of size N = 2 n , for some n). We look at a few solutions to this ..."

Abstract
- Add to MetaCart

We introduce the problem of enciphering members of a nite set M where k = jMj is arbitrary (in particular, it need not be a power of two). We want to achieve this goal starting from a block cipher (which requires a message space of size N = 2 n , for some n). We look at a few solutions to this problem, focusing on the case when M = f0; 1; : : : ; k 1g. We see ciphers with arbitrary domains as a useful primitive for making bit-ecient higherlevel protocols. They seem to be particularly useful for password-based authentication protocols.

### A Synopsis of Format-Preserving Encryption

- UNPUBLISHED MANUSCRIPT
, 2010

"... Format-preserving encryption (FPE) encrypts a plaintext of some specified format into a ciphertext of the same format—for example, encrypting a social-security number into a social-security number. In this survey we describe FPE and review known techniques for achieving it. These include FFX, a rece ..."

Abstract
- Add to MetaCart

Format-preserving encryption (FPE) encrypts a plaintext of some specified format into a ciphertext of the same format—for example, encrypting a social-security number into a social-security number. In this survey we describe FPE and review known techniques for achieving it. These include FFX, a recent proposal made to NIST.

### Private-key symbolic . . .

"... Symbolic encryption, in the style of Dolev-Yao models, is ubiquitous in formal security analysis aiming at the automated verification of network protocols. The naïve use of symbolic encryption, however, may unnecessarily require an expensive construction: an arbitrary-length encryption scheme that i ..."

Abstract
- Add to MetaCart

Symbolic encryption, in the style of Dolev-Yao models, is ubiquitous in formal security analysis aiming at the automated verification of network protocols. The naïve use of symbolic encryption, however, may unnecessarily require an expensive construction: an arbitrary-length encryption scheme that is private and non-malleable in an adaptive CCA-CPA setting. Most of the time, such assumptions remain hidden and rather symbolic encryption is instantiated with a seemingly “good ” cryptographic encryption, such as AES in the CBC configuration. As an illustration of this problem, we first report new attacks on ECB and CBC based implementations of the well-known Needham-Schroeder and Denning-Sacco protocols. We then present a few symbolic encryption schemes along with their cryptographic semantics, and prove the hierarchical relations between the proposed schemes from both cryptographic and formal perspectives. These symbolic schemes can be seamlessly used in many existing formal security models.