Abstract
Traditional encryption schemes, such as Cipher Block Chaining (CBC), are unable to detect integrity violations caused by adaptive chosen-message (i.e., chosen-plaintext and ciphertext) attacks when used with typical non-cryptographic Manipulation Detection Code (MDC) functions, such as bitwise exclusive-or, modular addition, CRC-32, and quadratic checksums. In this paper, we define secure Plaintext-Ciphertext Block Chaining (PCBC) schemes that detect such violations at a low performance cost, thereby preserving both message secrecy and integrity against chosen-message attacks. We present the salient properties of these schemes, their security, and preliminary performance measurements.
Copyright information
© 2000 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gligor, V.D., Donescu, P. (2000). Integrity-Aware PCBC Encryption Schemes. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds) Security Protocols. Security Protocols 1999. Lecture Notes in Computer Science, vol 1796. Springer, Berlin, Heidelberg. https://doi.org/10.1007/10720107_22
DOI: https://doi.org/10.1007/10720107_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-67381-1
Online ISBN: 978-3-540-45570-7