Paper 2017/496

Modes of Operation Suitable for Computing on Encrypted Data

Dragos Rotaru, Nigel P. Smart, and Martijn Stam


We examine how two parallel modes of operation for Authenticated Encryption (namely CTR+PMAC and OTR mode) work when evaluated in a multi-party computation engine. These two modes are selected because they suit the PRFs examined in previous works. In particular the modes are highly parallel, and do not require evaluation of the inverse of the underlying PRF. In order to use these modes one needs to convert them from their original instantiation of being defined on binary blocks of data, to working on elememts in a large prime finite field. The latter fitting the use case of many secret-sharing based MPC engines. In doing this conversion we examine the associated security proofs of PMAC and OTR, and show that they carry over to this new setting.

Available format(s)
Secret-key cryptography
Publication info
Published by the IACR in FSE 2018
Contact author(s)
dragos rotaru @ bristol ac uk
nigel @ cs bris ac uk
stam @ cs bris ac uk
2017-08-18: last of 2 revisions
2017-06-01: received
See all versions
Short URL
Creative Commons Attribution


      author = {Dragos Rotaru and Nigel P.  Smart and Martijn Stam},
      title = {Modes of Operation Suitable for Computing on  Encrypted Data},
      howpublished = {Cryptology ePrint Archive, Paper 2017/496},
      year = {2017},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.