Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Presentation

Requirements for an Accordion Mode

June 20, 2024

Presenters

Guy B. - NCSC

Description

The National Cyber Security Centre (NCSC) is the UK National Technical Authority on cryptography. In this talk we will review some desirable security goals proposed by NIST, by us, and by the community. We observe that it seems challenging to satisfy all of these requirements with a single mode. For example, a mode designed to work with AES cannot demonstrate context commitment with a security proof in the standard model. And yet making an ideal cipher assumption on AES is problematic: AES admits related-key attacks, and proofs that rely on an ideal cipher assumption may not apply to quantum adversaries. As another trade-off, a mode of AES that has multi-user security and permissive per-user usage limits will likely require beyond-birthday security. The most obvious way to achieve this is with nonce-based key derivation, which results in poor performance on short messages. A permutation-based mode, or a mode designed for use with a 256-bit block cipher, would not encounter these issues, but would not meet the requirement to support AES.

Presented at

Workshop on the Requirements for an Accordion Cipher Mode 2024

Event Details

Location

    National Cybersecurity Center of Excellence (NCCoE)
    9700 Great Seneca Highway
    Rockville, MD 20850

Related Topics

Security and Privacy: encryption

Created June 20, 2024, Updated June 21, 2024