International Association for Cryptologic Research

Ph.D. Database

The aim of the IACR Ph.D. database is twofold. On the first hand, we want to offer an overview of Ph.D. already completed in the domain of cryptology. Where possible, this should also include a subject classification, an abstract, and access to the full text. On the second hand, it deals with Ph.D. subjects currently under investigation. This way, we provide a timely map of contemporary research in cryptology. All entries or changes need to be approved by an editor. You can contact them via phds (at)


Cuauhtemoc Mancillas López (#873)
Name Cuauhtemoc Mancillas López
Personal Homepage
Topic of his/her doctorate. Studies on Disk Encryption
Category secret-key cryptography
Keywords Implementations, block ciphers, stream ciphers, tweakable enciphering schemes, FPGAs
Ph.D. Supervisor(s) Debrup Chakraborty
Year of completion 2013
Abstract Security of data stored in bulk storage devices like hard disks, flash memories, CDs and DVDs has gained a lot of importance in the current days. The importance of this topic is reflected in recent standardizing activities and a variety of cryptographic schemes proposed in the last decade as a solution to this problem. In this thesis we address several issues related to the problem of encryption of stored data. Our main focus is on block oriented storage medias like hard disks and flash memories. In the following paragraphs we summarize the different problems that we address in this thesis along with our contributions. There has been a consensus among researchers that a class of cryptographic algorithms called tweakable enciphering schemes (TES) can be used in the application of encrypting hard disks. In the last decade there have been many different proposals of TES each using different philosophies of construction. As a first contribution of this thesis we provide the first experimental performance data for (almost) all existing TES. The reported performance data is based on optimized implementations of the schemes on several families of reconfigurable hardware. While working towards efficient implementations of existing schemes we encountered some very interesting algorithmic and combinatorial problems. We present solutions to these problems also in this thesis, and they can be of a more broad interest. We also propose some new schemes suitable for the problem. Among others, we propose a new TES called STES (Small TES) which is designed using a different philosophy compared to the other existing TES. The design goal of STES is to make it suitable for encrypting storage provided in devices which are constrained in terms of power consumption and area. STES uses cryptographic primitives which when implemented would have a very low hardware and power footprint in a novel way. We formally prove that STES provides adequate security for the application and also provide performance data in two classes of FPGAs which are suitable for low-power implementations. The performance of STES both in terms of throughput per area and power consumption is very encouraging. In real life, all computations run in some physical device. When a physical device performs some computation it always emit or leak certain information. This leakage can be in the form of timing information, electromagnetic radiation, power consumption information or even sound. In the case of cryptographic computations, these leakages if measured properly can be used to gain important information regarding secret quantities handled by the computational process. Analyzing cryptographic implementations in the light of these leakages is collectively called side channel analysis. We provide some preliminary side channel analysis on some TES. To our knowledge no such analysis has been done before on TES. TES are length preserving schemes, in the sense that the length of the cipher text produced by a TES is same as that of the plain text. This property of length preservation has been considered very important for an encryption scheme to be suitable for encrypting hard disks. In this thesis we contest this well established notion, and argue why it may be possible to use encryption schemes which are not length preserving. We argue about this taking in consideration the structure of modern day hard disk. Finally we propose a new scheme called BRW-Counter mode (BCTR) which is not length preserving but provides the same security of that of a TES. We also present an optimal hardware architecture for BCTR and show that BCTR would outperform all other TES in terms of throughput. Finally, we address the problem of securing backups by use of a new cryptographic scheme. We propose a cryptographic primitive which we call as the double cipher text mode (DCM) and discuss the general syntax and security definition of a DCM. We provide two efficient constructions of DCM which we name as DCMG and DCM-BRW. We argue why DCM would be suitable for the application of secure backup.
E-Mail Address cuauhtemoc.mancillas83 (at)
Last Change 2013-06-02 11:19:29
To provide an update on this entry, please click .

Contact: phds (at)

[ IACR home page ] [ IACR PhDs page ] © IACR