CryptoDB
A Parallelizable Enciphering Mode
Authors: | |
---|---|
Download: | |
Abstract: | We describe a block-cipher mode of operation, EME, that turns an n-bit block cipher into a tweakable enciphering scheme that acts on strings of mn bits, where m \in [1..n]. The mode is parallelizable, but as serial-efficient as the non-parallelizable mode CMC. EME can be used to solve the disk-sector encryption problem. The algorithm entails two layers of ECB encryption and a "lightweight mixing" in between. We prove EME secure, in the reduction-based sense of modern cryptography. We motivate some of the design choices in EME by showing that a few simple modifications of this mode are insecure. |
BibTeX
@misc{eprint-2003-11862, title={A Parallelizable Enciphering Mode}, booktitle={IACR Eprint archive}, keywords={secret-key cryptography / Block-cipher usage, cryptographic standards, disk encryption, modes of operation, provable security, sector-level encryption, symmetric encryption.}, url={http://eprint.iacr.org/2003/147}, note={ shaih@watson.ibm.com 12261 received 28 Jul 2003}, author={Shai Halevi and Phillip Rogaway}, year=2003 }