Cryptology ePrint Archive: Report 2018/1090

Plaintext Recovery Attack of OCB2

Tetsu Iwata

Abstract: Inoue and Minematsu [Cryptology ePrint Archive: Report 2018/1040] presented efficient forgery attacks against OCB2, and Poettering [Cryptology ePrint Archive: Report 2018/1087] presented a distinguishing attack. In this short note, based on these results, we show a plaintext recovery attack against OCB2 in the chosen plaintext and ciphertext setting. We also show that the decryption oracle of the underlying block cipher can be simulated. This complements the simulation of the encryption oracle of the block cipher by Poettering in [Cryptology ePrint Archive: Report 2018/1087].

Category / Keywords: secret-key cryptography / OCB2, plaintext recovery attack, chosen plaintext and ciphertext setting

Date: received 11 Nov 2018, last revised 15 Nov 2018

Contact author: tetsu iwata at nagoya-u jp

Available format(s): PDF | BibTeX Citation

Version: 20181116:011651 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]