Does Encryption with Redundancy Provide Authenticity?

Does Encryption with Redundancy Provide Authenticity? (2001)

Cached

Download Links

by Jee Hea An , Mihir Bellare

Venue:	IN ADVANCES IN CRYPTOLOGY — EUROCRYPT 2001, B. PFITZMANN, ED. LECTURE NOTES IN COMPUTER SCIENCE
Citations:	15 - 5 self

BibTeX

@INPROCEEDINGS{An01doesencryption,
    author = {Jee Hea An and Mihir Bellare},
    title = {Does Encryption with Redundancy Provide Authenticity?},
    booktitle = {IN ADVANCES IN CRYPTOLOGY — EUROCRYPT 2001, B. PFITZMANN, ED. LECTURE NOTES IN COMPUTER SCIENCE},
    year = {2001},
    pages = {512--528},
    publisher = {Springer-Verlag}
}

Bookmark

OpenURL

Abstract

A popular paradigm for achieving privacy plus authenticity is to append some “redundancy” to the data before encrypting. We investigate the security of this paradigm at both a general and a specific level. We consider various possible notions of privacy for the base encryption scheme, and for each such notion we provide a condition on the redundancy function that is necessary and sufficient to ensure authenticity of the encryption-with-redundancy scheme. We then consider the case where the base encryption scheme is a variant of CBC called NCBC, and find sufficient conditions on the redundancy functions for NCBC encryption-with-redundancy to provide authenticity. Our results highlight an important distinction between public redundancy functions, meaning those that the adversary can compute, and secret ones, meaning those that depend on the shared key between the legitimate parties.

Citations

2057	Handbook of Applied Cryptography - Menezes, Oorschot, et al. - 1997
1001	Probabilistic encryption - Goldwasser, Micali - 1984
590	Universal classes of hash functions - Carter, Wegman - 1979
410	Nonmalleable cryptography - Dolev, Dwork, et al. - 2000
404	Keying hash functions for message authentication - Bellare, Canetti, et al. - 1996
388	Relations Among Notions of Security for Public-Key Encryption Schemes - Bellare, Desai, et al. - 1998
296	A Concrete Security Treatment of Symmetric Encryption - Bellare, Desai, et al. - 1997
295	Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack - Rackoff, Simon - 1992
284	New Hash Functions and their Use in Authentication and Set Equality - Wegman, Carter - 1981
244	How to construct pseudorandom permutations from pseudorandom functions - Luby, Rackoff - 1988
172	Authenticated encryption: Relations among notions and analysis of the generic composition paradigm - Bellare, Namprempre
163	The security of the cipher block chaining message authentication code - Bellare, Kilian, et al.
101	The Order of Encryption and Authentication for Protecting Communications (or: How Secure Is SSL - Krawczyk - 2001
100	LFSR-based Hashing and Authentication - Krawczyk
82	On the construction of pseudo-random permutations: Luby-Rackoff revisited - Naor, Reingold - 1999
52	Encode-then-encipher encryption: How to exploit nonces or redundancy in plaintexts for efficient cryptography - Bellare, Rogaway
51	Non-Malleable Encryption: Equivalence between Two Notions and an Indistinguishability-Based Characterization - Bellare, Sahai - 1999
51	Fast encryption and authentication: XCBC encryption and XECB authentication modes - Gligor, Donescu - 2001
50	Complete Characterization of Security Notions for Probabilistic PrivateKey Encryption - Katz, Yung
48	Bucket hashing and its application to fast message authentication - Rogaway - 1995
35	MMH: Software message authentication in the Gbit/second rates - Halevi, Krawczyk - 1997
18	Unforgeable encryption and adaptively secure modes of operation”, FSE’00, pp.284–299 (2000) [7 - Katz, Yung - 2001
17	Cryptographic Primitives for Information Authentication – State of the Art, State of the Art - Preneel - 1998
15	Universal hashing and multiple authentication - Atici, Stinson - 1996
12	Online ciphers and the Hash-CBC construction - Bellare, Boldyreva, et al. - 2001
3	UMAC: Fast and securemessage authentication - Black, Halevi, et al. - 1999
3	A High Speed Manipulation Detection Code - Jueneman - 1987
2	The Security of the Cipher Block Chaining MessageAuthentication Code - Bellare, Kilian, et al.
1	OCB: A Block-Cipher Mode of Operationfor Efficient Authenticated Encryption - Rogaway, Bellare, et al. - 2001