Cryptology ePrint Archive: Report 2003/147
A Parallelizable Enciphering Mode
Shai Halevi and Phillip Rogaway
Abstract: We describe a block-cipher mode of operation, EME, that turns an $n$-bit block cipher into a tweakable enciphering scheme that acts on strings of $mn$ bits, where $m \in [1..n]$. The mode is parallelizable, but as serial-efficient as the non-parallelizable mode CMC. EME can be used to solve the disk-sector encryption problem. The algorithm entails two layers of ECB encryption and a "lightweight mixing" in between. We prove EME secure, in the reduction-based sense of modern cryptography. We motivate some of the design choices in EME by showing that a few simple modifications of this mode are insecure.
Category / Keywords: secret-key cryptography / Block-cipher usage, cryptographic standards, disk encryption, modes of operation, provable security, sector-level encryption, symmetric encryption.
Date: received 28 Jul 2003
Contact author: shaih at watson ibm com
Version: 20030728:190628 (All versions of this report)
Short URL: ia.cr/2003/147