Paper 2000/039
Encryption Modes with Almost Free Message Integrity
Charanjit S. Jutla
Abstract
We define a new mode of operation for block ciphers which in addition to providing confidentiality also ensures message integrity. In contrast, previously for message integrity a separate pass was required to compute a cryptographic message authentication code (MAC). The new mode of operation, called Integrity Aware Parallelizable Mode (IAPM), requires a total of m+1 block cipher evaluations on a plain-text of length m blocks. For comparison, the well known CBC (cipher block chaining) encryption mode requires m block cipher evaluations, and the second pass of computing the CBC-MAC essentially requires additional m+1 block cipher evaluations. As the name suggests, the new mode is also highly parallelizable.
Note: The abstract has been changed to reflect the abstract in the published paper (as opposed to the original eprint submission from Aug 2000).
Metadata
- Available format(s)
-
PDF
- Category
- Secret-key cryptography
- Publication info
- Published elsewhere. Minor revision. Journal of Cryptology
- DOI
- 10.1007/s00145-008-9024-z
- Keywords
- Block cipherCBCauthenticationMACmodes of operation
- Contact author(s)
- csjutla @ us ibm com
- History
- 2018-04-08: last of 2 revisions
- 2000-08-01: received
- See all versions
- Short URL
- https://ia.cr/2000/039
- License
-
CC BY
