Cryptology ePrint Archive: Report 2017/849

FAST: Disk Encryption and Beyond

Debrup Chakraborty and Sebati Ghosh and Cuauhtemoc Mancillas Lopez and Palash Sarkar

Abstract: This work introduces FAST, a new family of tweakable enciphering schemes. Several instantiations of FAST are described. These are targeted towards two goals: the specific task of disk encryption, and a more general scheme suitable for a wide variety of practical applications. A major contribution of this work is to present detailed and careful software implementations of all of these instantiations. For disk encryption, the results from the implementations show that FAST compares very favourably to the IEEE disk encryption standards XCB and EME2 as well as the more recent proposal AEZ. FAST is built using a fixed-input-length pseudo-random function and an appropriate hash function. It uses a single-block key, is parallelisable and can be instantiated using only the encryption function of a block cipher. The hash function can be instantiated using either the usual polynomial hashing based on Horner's rule or hashing based on the more efficient Bernstein-Rabin-Winograd polynomials. Security of FAST has been rigorously analysed using the standard provable security approach and concrete security bounds have been derived. Based on our implementation results, we put forward FAST as a serious candidate for standardisation and deployment.

Category / Keywords: secret-key cryptography / disk encryption, tweakable enciphering schemes, pseudo-random function, Horner, BRW

Date: received 2 Sep 2017, last revised 13 Dec 2019

Contact author: debrup at isical ac in, sebati_r at isical ac in, palash at isical ac in, cuauhtemoc mancillas83 at gmail com, sebati1987 at gmail com

Note: Added detailed comparison to AEZ instantiated with the full AES.

Version: 20191213:192957

Short URL: ia.cr/2017/849

