Berti, Francesco (2023)
Reconsidering Generic Composition: the modes A10, A11 and A12 are insecure.
28th Australasian Conference on Information Security and Privacy. Brisbane, Australia (05.-07.07.2023)
doi: 10.1007/978-3-031-35486-1
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
Authenticated Encryption (AE) achieves privacy and authenticity with a single scheme. It is possible to obtain an AE scheme gluing together an encryption scheme (privacy secure) and a Message Authentication Code (authenticity secure). This approach is called generic composition and its security has been studied by Namprempre et al. [20]. They looked into all the possible gluings of an encryption scheme with a secure MAC to obtain a nonce-based AE-scheme. The encryption scheme is either IV-based (that is, with an additional random input, the initialization vector [IV]) or nonce-based (with an input to be used once, the nonce). Nampremepre et al. assessed the security/insecurity of all possible composition combinations except for 4 (N4, A10, A11 and A12). Berti et al. [9] showed that N4 is insecure and that the remaining modes (A10, A11, and A12) are either all secure or insecure. Here, we prove that these modes are all insecure with a counterexample.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2023 |
| Autor(en): | Berti, Francesco |
| Art des Eintrags: | Bibliographie |
| Titel: | Reconsidering Generic Composition: the modes A10, A11 and A12 are insecure |
| Sprache: | Englisch |
| Publikationsjahr: | 15 Juni 2023 |
| Verlag: | Springer |
| Buchtitel: | Information Security and Privacy |
| Reihe: | Lecture Notes in Computer Science |
| Band einer Reihe: | 13915 |
| Veranstaltungstitel: | 28th Australasian Conference on Information Security and Privacy |
| Veranstaltungsort: | Brisbane, Australia |
| Veranstaltungsdatum: | 05.-07.07.2023 |
| DOI: | 10.1007/978-3-031-35486-1 |
| URL / URN: | https://link.springer.com/book/10.1007/978-3-031-35486-1 |
| Kurzbeschreibung (Abstract): | Authenticated Encryption (AE) achieves privacy and authenticity with a single scheme. It is possible to obtain an AE scheme gluing together an encryption scheme (privacy secure) and a Message Authentication Code (authenticity secure). This approach is called generic composition and its security has been studied by Namprempre et al. [20]. They looked into all the possible gluings of an encryption scheme with a secure MAC to obtain a nonce-based AE-scheme. The encryption scheme is either IV-based (that is, with an additional random input, the initialization vector [IV]) or nonce-based (with an input to be used once, the nonce). Nampremepre et al. assessed the security/insecurity of all possible composition combinations except for 4 (N4, A10, A11 and A12). Berti et al. [9] showed that N4 is insecure and that the remaining modes (A10, A11, and A12) are either all secure or insecure. Here, we prove that these modes are all insecure with a counterexample. |
| Freie Schlagworte: | Solutions, S7, Applied Cryptography (CAC) |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Angewandte Kryptographie DFG-Sonderforschungsbereiche (inkl. Transregio) DFG-Sonderforschungsbereiche (inkl. Transregio) > Sonderforschungsbereiche DFG-Sonderforschungsbereiche (inkl. Transregio) > Sonderforschungsbereiche > SFB 1119: CROSSING – Kryptographiebasierte Sicherheitslösungen als Grundlage für Vertrauen in heutigen und zukünftigen IT-Systemen |
| Hinterlegungsdatum: | 11 Jul 2023 08:45 |
| Letzte Änderung: | 14 Jul 2023 13:15 |
| PPN: | 509681921 |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum