Paper 2021/1441

Length-preserving encryption with HCTR2

Paul Crowley, Google (United States)
Nathan Huckleberry, Google (United States)
Eric Biggers, Google (United States)
Abstract

On modern processors HCTR is one of the most efficient constructions for building a tweakable super-pseudorandom permutation. However, a bug in the specification and another in Chakraborty and Nandi's security proof invalidate the claimed security bound. We here present HCTR2, which fixes these issues and improves the security bound, performance and flexibility. GitHub: https://github.com/google/hctr2

Note: See https://github.com/google/hctr2/tags to compare differences between revisions

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint.
Keywords
length-preserving encryptionsuper-pseudorandom permutationvariable input lengthtweakable encryptiondisk encryption
Contact author(s)
paulcrowley @ google com
nhuck @ google com
ebiggers @ google com
History
2023-11-01: last of 2 revisions
2021-10-27: received
See all versions
Short URL
https://ia.cr/2021/1441
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2021/1441,
      author = {Paul Crowley and Nathan Huckleberry and Eric Biggers},
      title = {Length-preserving encryption with {HCTR2}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2021/1441},
      year = {2021},
      url = {https://eprint.iacr.org/2021/1441}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.