Cryptology ePrint Archive: Report 2014/297

Pipelineable On-Line Encryption

Farzaneh Abed and Scott Fluhrer and Christian Forler and Eik List and Stefan Lucks and David McGrew and Jakob Wenzel

Abstract: Correct authenticated decryption requires the receiver to buffer the decrypted message until the authenticity check has been performed. In high-speed networks, which must handle large message frames at low latency, this behavior becomes practically infeasible. This paper proposes CCA-secure on-line ciphers as a practical alternative to AE schemes since the former provide some defense against malicious message modifications. Unfortunately, all published on-line ciphers so far are either inherently sequential, or lack a CCA-security proof.

This paper introduces POE, a family of on-line ciphers that combines provable security against chosen-ciphertext attacks with pipelineability to support efficient implementations. POE combines a block cipher and an e-AXU family of hash functions. Different instantiations of POE are given, based on different universal hash functions and suitable for different platforms. Moreover, this paper introduces POET, a provably secure on-line AE scheme, which inherits pipelineability and chosen-ciphertext-security from POE and provides additional resistance against nonce-misuse attacks.

Category / Keywords: secret-key cryptography / on-line cipher, chosen-ciphertext security, authenticated encryption

Original Publication (with minor differences): IACR-FSE-2014

Date: received 28 Apr 2014, last revised 30 Apr 2014

Contact author: eik list at uni-weimar de

Available format(s): PDF | BibTeX Citation

Version: 20140430:121418 (All versions of this report)

Short URL: ia.cr/2014/297