Paper 2017/849

FAST: Disk Encryption and Beyond

Debrup Chakraborty, Sebati Ghosh, Cuauhtemoc Mancillas Lopez, and Palash Sarkar


This work introduces \sym{FAST} which is a new family of tweakable enciphering schemes. Several instantiations of \sym{FAST} are described. These are targeted towards two goals, the specific task of disk encryption and a more general scheme suitable for a wide variety of practical applications. A major contribution of this work is to present detailed and careful software implementations of all of these instantiations. For disk encryption, the results from the implementations show that \sym{FAST} compares very favourably to the IEEE disk encryption standards XCB and EME2 as well as the more recent proposal AEZ. \sym{FAST} is built using a fixed input length pseudo-random function and an appropriate hash function. It uses a single-block key, is parallelisable and can be instantiated using only the encryption function of a block cipher. The hash function can be instantiated using either the Horner's rule based usual polynomial hashing or hashing based on the more efficient Bernstein-Rabin-Winograd polynomials. Security of \sym{FAST} has been rigorously analysed using the standard provable security approach and concrete security bounds have been derived. Based on our implementation results, we put forward \sym{FAST} as a serious candidate for standardisation and deployment.

Note: Added detailed comparison to AEZ instantiated with the full AES.

Available format(s)
Secret-key cryptography
Publication info
Preprint. Minor revision.
disk encryptiontweakable enciphering schemespseudo-random functionHornerBRW
Contact author(s)
debrup @ isical ac in
sebati_r @ isical ac in
palash @ isical ac in
cuauhtemoc mancillas83 @ gmail com
sebati1987 @ gmail com
2019-12-13: last of 3 revisions
2017-09-08: received
See all versions
Short URL
Creative Commons Attribution


      author = {Debrup Chakraborty and Sebati Ghosh and Cuauhtemoc Mancillas Lopez and Palash Sarkar},
      title = {FAST: Disk Encryption and Beyond},
      howpublished = {Cryptology ePrint Archive, Paper 2017/849},
      year = {2017},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.