OCB A Block-Cipher Mode of Operation for Efficient Authenticated Encryption

《OCB A Block-Cipher Mode of Operation for Efficient Authenticated Encryption》由会员上传分享，免费在线阅读，更多相关内容在行业资料-天天文库。

1、CB:ABlok-CipherodeofperationforEffi ientAuthenti atedEn ryptionH

RGAWAYUniversityofCaliforniaatDavisandChiangaiUniversity
H
RBEAREUniversityofCaliforniaatSanDiegoHBACUniversityofColoradoatBoulderWedes ribeaparallelizableblok- iphermodeofoperationthatsimultaneouslyprovidespri-va ya

2、ndauthenti ity.CBen rypts-and-authenti atesanonemptystring2f0;1gusingdjj=ne+2blok- ipherinvo ations,wherenisthebloklengthoftheunderlyingblok i-pher.Additionaloverheadissmall.CBrenesas heme,
A,suggestedbyCharanjitutla.DesirablepropertiesofCBin ludetheabilitytoen ryptabitstringofarbitraryleng

3、thintoa iphertextofminimallength,heaposet al ulations,heapkeysetup,asingleunderlying ryptographi key,noextended-pre isionaddition,anearlyoptimalnumberofblok- ipher alls,andnorequirementforarandom
V.WeproveCBse ure,quantifyingtheadversary'sabil-itytoviolatethemode'spriva yorauthenti ityintermsofthe

4、qualityofitsblok ipherasapseudorandompermutation(R)orasastrongR,respe tively.CategoriesandSubje tDes riptors:E.3[DataEn ryption℄:StandardsGeneralTerms:Se urity,erforman e,TheoryAdditionaleyWordsandhrases:AES,authenti ity,blok- ipherusage, ryptography,en ryp-tion,integrity,modesofoperation,pro

5、vablese urity,standardshillipRogaway,DepartmentofComputerS ien e,Engineering
Building,UniversityofCal-ifornia,Davis,CA95616USA;andDepartmentofComputerS ien e,Fa ultyofS ien e,ChiangaiUniversity,Chiangai50200Thailand;email:rogaway s.u davis.edu,web:www. s.u davis.edu/rogawayihirBellare,Departme

6、ntofComputerS ien eandEngineering,UniversityofCaliforniaatSanDiego,9500GilmanDrive,aolla,CA92093USA;email:mihir s.u sd.edu,web:www- se.u sd.edu/users/mihirohnBla k,DepartmentofComputerS ien e,430UCB,UniversityofColorado,Boulder,C80309USA;email:jrbla k s. olorado.edu,web:www. s. olorado.edu/jr

7、bla kermissiontomakedigital/hard opyofallorpartofthismaterialwithoutfeeforpersonalor lassroomuseprovidedthatthe opiesarenotmadeordistributedforprotor ommer ialadvantage,theAC opyright/servernoti e,