International Association for Cryptologic Research

CryptoDB

Modes of Encryption Secure against Blockwise-Adaptive Chosen-Plaintext Attack

Authors:
Gregory V. Bard
Download:
URL: http://eprint.iacr.org/2006/271
Abstract: Blockwise-adaptive chosen-plaintext and chosen-ciphertext attacks are new models for cryptanalytic adversaries, first described by Joux et al. [JMV02]; they capture a vulnerability in SSH discovered by Bellare et al. [BKN02]. Unlike traditional chosen-plaintext (CPA) or chosen-ciphertext (CCA) adversaries, the blockwise adversary can submit individual blocks for encryption or decryption rather than entire messages, and can choose each block after seeing the ciphertext blocks produced so far. This paper focuses on the search for on-line encryption schemes that are resistant to blockwise-adaptive chosen-plaintext attack. We prove that one oracle query with non-equal inputs is sufficient to win the blockwise-adaptive chosen-plaintext game whenever the game can be won by any probabilistic polynomial-time (ppt) adversary with non-negligible advantage. In order to describe such encryption schemes uniformly, we define a canonical representation of encryption schemes built from functions believed to be pseudorandom (i.e. block ciphers). This Canonical Form is general enough to cover many modes currently in use, including ECB, CBC, CTR, OFB, CFB, ABC, IGE, XCBC, HCBC and HPCBC. An immediate consequence of the theorems in this paper is that CTR, OFB, CFB, HCBC and HPCBC are proven secure against blockwise-adaptive CPA, as is S-ABC under certain conditions. Conversely, ECB, CBC, IGE and P-ABC are proven to be blockwise-adaptive CPA insecure. Since CBC, IGE and P-ABC are chosen-plaintext secure in the traditional sense, this shows that the blockwise-adaptive chosen-plaintext model is a non-trivial extension of the traditional chosen-plaintext attack model.
BibTeX
@misc{eprint-2006-21763,
  title={Modes of Encryption Secure against Blockwise-Adaptive Chosen-Plaintext Attack},
  booktitle={IACR Eprint archive},
  keywords={foundations / Blockwise-Adaptive Attack, Encryption Schemes, Chosen-Plaintext Attack, Modes of Encryption, CBC, OFB, CFB, ABC, CTR, Infinite Garble Extension, HCBC, HPCBC, XCBC.},
  url={http://eprint.iacr.org/2006/271},
  note={Submitted to a Conference. This is an improved version of what appeared at YACC'06. gregory.bard@ieee.org 13378 received 13 Aug 2006, last revised 17 Aug 2006},
  author={Gregory V. Bard},
  year=2006
}