Paper 2014/297

Pipelineable On-Line Encryption

Farzaneh Abed, Scott Fluhrer, Christian Forler, Eik List, Stefan Lucks, David McGrew, and Jakob Wenzel

Abstract

Correct authenticated decryption requires the receiver to buffer the decrypted message until the authenticity check has been performed. In high-speed networks, which must handle large message frames at low latency, this behavior becomes practically infeasible. This paper proposes CCA-secure on-line ciphers as a practical alternative to AE schemes since the former provide some defense against malicious message modifications. Unfortunately, all published on-line ciphers so far are either inherently sequential, or lack a CCA-security proof. This paper introduces POE, a family of on-line ciphers that combines provable security against chosen-ciphertext attacks with pipelineability to support efficient implementations. POE combines a block cipher and an e-AXU family of hash functions. Different instantiations of POE are given, based on different universal hash functions and suitable for different platforms. Moreover, this paper introduces POET, a provably secure on-line AE scheme, which inherits pipelineability and chosen-ciphertext-security from POE and provides additional resistance against nonce-misuse attacks.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
A minor revision of an IACR publication in FSE 2014
Keywords
on-line cipher, chosen-ciphertext security, authenticated encryption
Contact author(s)
eik list @ uni-weimar de
History
2014-04-30: revised
2014-04-30: received
Short URL
https://ia.cr/2014/297
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/297,
      author = {Farzaneh Abed and Scott Fluhrer and Christian Forler and Eik List and Stefan Lucks and David McGrew and Jakob Wenzel},
      title = {Pipelineable On-Line Encryption},
      howpublished = {Cryptology {ePrint} Archive, Paper 2014/297},
      year = {2014},
      url = {https://eprint.iacr.org/2014/297}
}