International Association for Cryptologic Research

CryptoDB

A Parallelizable Enciphering Mode

Authors:
Shai Halevi
Phillip Rogaway
Download:
URL: http://eprint.iacr.org/2003/147
Abstract: We describe a block-cipher mode of operation, EME, that turns an n-bit block cipher into a tweakable enciphering scheme that acts on strings of mn bits, where m ∈ [1..n]. The mode is parallelizable, but as serial-efficient as the non-parallelizable mode CMC. EME can be used to solve the disk-sector encryption problem. The algorithm entails two layers of ECB encryption and a "lightweight mixing" in between. We prove EME secure, in the reduction-based sense of modern cryptography. We motivate some of the design choices in EME by showing that a few simple modifications of this mode are insecure.
BibTeX
@misc{eprint-2003-11862,
  title={A Parallelizable Enciphering Mode},
  booktitle={IACR Eprint archive},
  keywords={secret-key cryptography / Block-cipher usage, cryptographic standards, disk encryption, modes of operation, provable security, sector-level encryption, symmetric encryption.},
  url={http://eprint.iacr.org/2003/147},
  note={ shaih@watson.ibm.com 12261 received 28 Jul 2003},
  author={Shai Halevi and Phillip Rogaway},
  year=2003
}