Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


Length-Preserving Encryption with HCTR2

October 3, 2023


Paul Crowley - Google LLC


On modern processors HCTR is one of the most efficient constructions for building a tweakable super-pseudorandom permutation. However, a bug in the specification and another in Chakraborty and Nandi’s security proof invalidate the claimed security bound. We here present HCTR2, which fixes these issues and improves the security bound, performance and flexibility.

Presented at

The Third NIST Workshop on Block Cipher Modes of Operation

Event Details


    National Cybersecurity Center of Excellence (NCCoE)
    9700 Great Seneca Highway
    Rockville, MD 20850

Related Topics

Security and Privacy: encryption

Created October 03, 2023, Updated October 05, 2023