Paper 2018/1090

Plaintext Recovery Attack of OCB2

Tetsu Iwata

Abstract

Inoue and Minematsu [Cryptology ePrint Archive: Report 2018/1040] presented efficient forgery attacks against OCB2, and Poettering [Cryptology ePrint Archive: Report 2018/1087] presented a distinguishing attack. In this short note, based on these results, we show a plaintext recovery attack against OCB2 in the chosen plaintext and ciphertext setting. We also show that the decryption oracle of the underlying block cipher can be simulated. This complements the simulation of the encryption oracle of the block cipher by Poettering in [Cryptology ePrint Archive: Report 2018/1087].

Note: See [Cryptology ePrint Archive: Report 2019/311] that appeared on March 20, 2019, which is a joint report that includes the findings of [Cryptology ePrint Archive: Report 2018/1040] (by Inoue and Minematsu), [Cryptology ePrint Archive: Report 2018/1087] (by Poettering), and this report.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
OCB2plaintext recovery attackchosen plaintext and ciphertext setting
Contact author(s)
tetsu iwata @ nagoya-u jp
History
2019-03-21: last of 3 revisions
2018-11-12: received
See all versions
Short URL
https://ia.cr/2018/1090
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2018/1090,
      author = {Tetsu Iwata},
      title = {Plaintext Recovery Attack of {OCB2}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2018/1090},
      year = {2018},
      url = {https://eprint.iacr.org/2018/1090}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.