Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Presentation

Committing Wide Encryption Mode with Minimum Ciphertext Expansion

June 21, 2024

Presenters

Yusuke Naito - Mitsubishi Electric Corporation

Description

We propose a new wide encryption (WE) mode of operation that satisfies robust authenticated encryption (RAE) and committing security with minimum ciphertext expansion. WE is attracting much attention in the last few years, and its advantage includes RAE security that provides robustness against wide range of misuses, combined with the encode-then-encipher (EtE) construction. Unfortunately, WEbased EtE does not provide good committing security, and there is a recent constant-time CMT-4 attack (Chen et al., ToSC 2023(4)). Improving CMT-4 security requires considerable ciphertext expansion, and the state-of-the-art scheme expands the ciphertext by \(s\)rae + 2\(s\)cmt bits from an original message to achieve \(s\)rae-bit RAE and \(s\)cmt-bit CMT-4 security. Our new WE mode FFF addresses the issue by achieving \(s\)rae-bit RAE and \(s\)cmt-bit CMT-4 security only with max{\(s\)cmt, \(s\)rae} bits of ciphertext expansion. Our design is based on the committing concealer proposed by Bellare et al., and its extension to WE (cf. tag-based AE) while satisfying RAE security is the main technical innovation.

Presented at

Workshop on the Requirements for an Accordion Cipher Mode 2024

Event Details

Location

    National Cybersecurity Center of Excellence (NCCoE)
    9700 Great Seneca Highway
    Rockville, MD 20850

Related Topics

Security and Privacy: encryption

Created June 20, 2024, Updated June 21, 2024