Paper 2011/326

SGCM: The Sophie Germain Counter Mode

Markku-Juhani O. Saarinen

Abstract

Sophie Germain Counter Mode (SGCM) is an authenticated encryption mode of operation, to be used with 128-bit block ciphers such as AES. SGCM is a variant of the NIST standardized Galois / Counter Mode (GCM) which has been found to be susceptible to weak key / short cycle forgery attacks. The GCM attacks are made possible by its extremely smooth-order multiplicative group which splits into 512 subgroups. Instead of GCM's $GF(2^{128})$, we use $GF(p)$ with $p=2^{128}+12451$, where $\frac{p-1}{2}$ is also a prime. SGCM is intended for those who want a concrete, largely technically compatible alternative to GCM. In this memo we give a technical specification of SGCM, together with some elements of its implementation, security and performance analysis. Test vectors are also included.

Note: Typos corrected.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Unknown where it was published
Keywords
Authenticated EncryptionGCMSophie Germain Counter Mode.
Contact author(s)
mjos @ iki fi
History
2011-11-04: last of 5 revisions
2011-06-17: received
See all versions
Short URL
https://ia.cr/2011/326
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2011/326,
      author = {Markku-Juhani O.  Saarinen},
      title = {{SGCM}: The Sophie Germain Counter Mode},
      howpublished = {Cryptology {ePrint} Archive, Paper 2011/326},
      year = {2011},
      url = {https://eprint.iacr.org/2011/326}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.