Cryptology ePrint Archive: Report 2003/154

ManTiCore: Encryption with Joint Cipher-State Authentication

Cheryl Beaver and Timothy Draelos and Richard Schroeppel and Mark Torgerson

Abstract: We describe a new method for authenticated encryption, which uses information from the internal state of the cipher to provide the authentication. This methodology has a number of benefits. The encryption has properties similar to CBC mode, yet the encipherment and authentication mechanisms can be parallelized and/or pipelined. The authentication overhead is minimal, so the computational cost of the authenticated encryption is very nearly that of the encryption process. Also, the authentication process remains resistant against some IV reuse. We present a class of encryption algorithms that are based on cryptographic hash functions. Because of the hash function construction, the MTC4 class of methods supports variable encryption block sizes up to twice the hash output block length and trivially supports variable key lengths. We also provide a more general construction for using the internal state of any round-based block cipher as an authenticator. We give a concrete example of the general construction that uses AES as the encryption primitive. We provide performance measurements for all of our constructions.

Category / Keywords: secret-key cryptography / Authenticated Encryption, Luby-Rackoff, Feistel, Middletext, Hash, Cipher

Date: received 1 Aug 2003

Contact author: rschroe at sandia gov

Available formats: Postscript (PS) | Compressed Postscript (PS.GZ) | BibTeX Citation

Version: 20030802:213317 (All versions of this report)

Discussion forum: Show discussion | Start new discussion