59 research outputs found
A parallel block-based encryption schema for digital images using reversible cellular automata
AbstractWe propose a novel images encryption schema based on reversible one-dimensional cellular automata. Contrasting to the sequential operating mode of several existing approaches, the proposed one is fully parallelizable since the encryption/decryption tasks can be executed using multiple processes running independently for the same single image. The parallelization is made possible by defining a new RCA-based construction of an extended pseudorandom permutation that takes a nonce as a supplementary parameter. The defined PRP exploit the chaotic behavior and the high initial condition's sensitivity of the RCAs to ensure perfect cryptographic security properties. Results of various experiments and analysis show that high security and execution performances can be achieved using the approach, and furthermore, it provides the ability to perform a selective area decryption since any part of the ciphered-image can be deciphered independently from others, which is very useful for real time applications
An Inverse-free Single-Keyed Tweakable Enciphering Scheme
In CRYPTO 2003, Halevi and Rogaway proposed CMC, a tweakable enciphering scheme (TES) based on a blockcipher. It requires two blockcipher keys and it is not inverse-free (i.e., the decryption algorithm uses the inverse (decryption) of the underlying blockcipher). We present here a new inverse-free, single-keyed TES. Our construction is a tweakable strong pseudorandom permutation (tsprp), i.e., it is secure against chosen-plaintext-ciphertext adversaries assuming that the underlying blockcipher is a pseudorandom permutation (prp), i.e., secure against chosen-plaintext adversaries. In comparison, sprp assumption of the blockcipher is required for the sprp security of CMC. Our scheme can be viewed as a mixture of type-1 and type-3 Feistel cipher and so we call it FMix or mixed-type Feistel cipher
Tweakable HCTR: A BBB Secure Tweakable Enciphering Scheme
\textsf{HCTR}, proposed by Wang et al., is one of the most efficient candidates of tweakable enciphering schemes that turns an -bit block cipher into a variable input length tweakable block cipher. Wang et al. have shown that \textsf{HCTR} offers a cubic security bound against all adaptive chosen plaintext and chosen ciphertext adversaries. Later in FSE 2008, Chakraborty and Nandi have improved its bound to , where is the total number of blocks queried and is the block size of the block cipher. In this paper, we propose \textbf{tweakable \textsf{HCTR}} that turns an -bit tweakable block cipher to a variable input length tweakable block cipher by replacing all the block cipher calls of \textsf{HCTR} with tweakable block cipher. We show that when there is no repetition of the tweak, tweakable \textsf{HCTR} enjoys the optimal security against all adaptive chosen plaintext and chosen ciphertext adversaries. However, if the repetition of the tweak is limited, then the security of the construction remains close to the security bound in no repetition of the tweak case. Hence, it gives a graceful security degradation with the maximum number of repetition of tweaks
OleF: an Inverse-Free Online Cipher. An Online SPRP with an Optimal Inverse-Free Construction
Online ciphers, in spite of being insecure against an sprp adversary, can be desirable at places because of their ease of implementation and speed. Here we propose a single-keyed inverse-free construction that achieves online sprp security with an optimal number of blockcipher calls. We also include a partial block construction, without requiring any extra key
OleF: An Inverse-Free Online Cipher
Online ciphers, in spite of being insecure against an sprp adversary, can be desirable at places because of their ease of implementation and speed. Here we propose a single-keyed inverse-free construction that achieves online sprp security with an optimal number of blockcipher calls. We also include a partial block construction, without requiring any extra key
Disk Encryption: Do We Need to Preserve Length?
In the last one-and-a-half decade there has been a lot of activity towards development of cryptographic techniques for disk
encryption. It has been almost canonised that an encryption scheme suitable for the application of disk encryption must be
length preserving, i.e., it rules out the use of schemes like authenticated encryption where an authentication tag is also
produced as a part of the ciphertext resulting in ciphertexts being longer than the corresponding plaintexts. The notion of
a tweakable enciphering scheme (TES) has been formalised as the appropriate primitive for disk encryption and it has been argued
that they provide the maximum security possible for a tag-less scheme. On the other hand, TESs are less efficient than some
existing authenticated encryption schemes. Also TES cannot provide true authentication as they do not have authentication tags.
In this paper, we analyze the possibility of the use of encryption schemes where length expansion is produced for
the purpose of disk encryption. On the negative side, we argue that nonce based authenticated encryption schemes are not appropriate
for this application. On the positive side, we demonstrate that deterministic authenticated encryption (DAE) schemes may
have more advantages than disadvantages compared to a TES when used for disk encryption. Finally, we propose a new deterministic
authenticated encryption scheme called BCTR which is suitable for this purpose. We provide the full specification of BCTR, prove
its security and also report an efficient implementation in reconfigurable hardware. Our experiments suggests that BCTR performs
significantly better than existing TESs and existing DAE schemes
Robust Authenticated-Encryption: AEZ and the Problem that it Solves
With a scheme for \textit{robust} authenticated-encryption a user can select an arbitrary value and then encrypt a plaintext of any length into a ciphertext that\u27s characters longer. The scheme must provide all the privacy and authenticity possible for the requested~. We formalize and investigate this idea, and construct a well-optimized solution, AEZ, from the AES round function. Our scheme encrypts strings at almost the same rate as OCB-AES or CTR-AES (on Haswell, AEZ has a peak speed of about 0.7 cpb). To accomplish this we employ an approach we call \textit{prove-then-prune}: prove security and then instantiate with a \textit{scaled-down}
primitive (e.g., reducing rounds for blockcipher calls)
EME*: extending EME to handle arbitrary-length messages with associated data
This work describes a mode of operation, EME*, that turns a regular block cipher into a length-preserving enciphering scheme for messages of (almost) arbitrary length. Specifically, the resulting scheme can handle any bit-length, not shorter than the block size of the underlying cipher, and it also handles associated data of arbitrary bit-length. Such a scheme can either be used directly in applications that need encryption but cannot afford length expansion, or serve as a convenient building block for higher-level modes.
The mode EME* is a refinement of the EME mode of Halevi and Rogaway, and it inherits the efficiency and parallelism from the original EME
Adiantum: length-preserving encryption for entry-level processors
We present HBSH, a simple construction for tweakable length-preserving encryption which supports the fastest options for hashing and stream encryption for processors without AES or other crypto instructions, with a provable quadratic advantage bound. Our composition Adiantum uses NH, Poly1305, XChaCha12, and a single AES invocation. On an ARM Cortex-A7 processor, Adiantum decrypts 4096-byte messages at 10.6 cycles per byte, over five times faster than AES-256-XTS, with a constant-time implementation. We also define HPolyC which is simpler and has excellent key agility at 13.6 cycles per byte
- …