Paper 2013/790

Parallelizable and Authenticated Online Ciphers

Elena Andreeva, Andrey Bogdanov, Atul Luykx, Bart Mennink, Elmar Tischhauser, and Kan Yasuda

Abstract

Online ciphers encrypt an arbitrary number of plaintext blocks and output ciphertext blocks which only depend on the preceding plaintext blocks. All online ciphers proposed so far are essentially serial, which significantly limits their performance on parallel architectures such as modern general-purpose CPUs or dedicated hardware. We propose the first parallelizable online cipher, COPE. It performs two calls to the underlying block cipher per plaintext block and is fully parallelizable in both encryption and decryption. COPE is proven secure against chosen-plaintext attacks assuming the underlying block cipher is a strong PRP. We then extend COPE to create COPA, the first parallelizable, online authenticated cipher with nonce-misuse resistance. COPA only requires two extra block cipher calls to provide integrity. The privacy and integrity of the scheme is proven secure assuming the underlying block cipher is a strong PRP. Our implementation with Intel AES-NI on a Sandy Bridge CPU architecture shows that both COPE and COPA are about \textit{5 times faster} than their closest competition: TC1, TC3, and McOE-G. This high factor of advantage emphasizes the paramount role of parallelizability on up-to-date computing platforms.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
A major revision of an IACR publication in ASIACRYPT 2013
Keywords
Block ciphertweakable cipheronline cipherauthenticated encryptionnonce-misuse resistanceparallelizabilityAES
Contact author(s)
atul luykx @ esat kuleuven be
History
2013-11-30: received
Short URL
https://ia.cr/2013/790
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2013/790,
      author = {Elena Andreeva and Andrey Bogdanov and Atul Luykx and Bart Mennink and Elmar Tischhauser and Kan Yasuda},
      title = {Parallelizable and Authenticated Online Ciphers},
      howpublished = {Cryptology ePrint Archive, Paper 2013/790},
      year = {2013},
      note = {\url{https://eprint.iacr.org/2013/790}},
      url = {https://eprint.iacr.org/2013/790}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.