Open AccessPosted Content
Code-Based Game-Playing Proofs and the Security of Triple Encryption.
Mihir Bellare,Phillip Rogaway +1 more
TLDR
The game-playing technique is a powerful tool for analyzing cryptographic constructions as mentioned in this paper, and games can be used to prove the security of three-key tripleencryption, a long-standing open problem.Abstract:
The game-playing technique is a powerful tool for analyzing cryptographic constructions. We illustrate this by using games as the central tool for proving security of three-key tripleencryption, a long-standing open problem. Our result, which is in the ideal-cipher model, demonstrates that for DES parameters (56-bit keys and 64-bit plaintexts) an adversary’s maximal advantage is small until it asks about 2 queries. Beyond this application, we develop the foundations for game playing, formalizing a general framework for game-playing proofs and discussing techniques used within such proofs. To further exercise the game-playing framework we show how to use games to get simple proofs for the PRP/PRF Switching Lemma, the security of the basic CBC MAC, and the chosen-plaintext-attack security of OAEP.read more
Citations
More filters
Posted Content
Authenticated Encryption: Relations among notions and analysis of the generic composition paradigm.
TL;DR: This work considers two possible notions of authenticity for authenticated encryption schemes, namely integrity of plaintexts and integrity of ciphertexts, and relates them to the standard notions of privacy IND-CCA and NM-CPA by presenting implications and separations between all notions considered.
Posted Content
Sequences of games: a tool for taming complexity in security proofs.
TL;DR: In this article, a technique for structuring security proofs as sequences games is presented, with a brief tutorial on how to construct a sequence game from a security proof and a sequence of games.
Journal ArticleDOI
Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm
TL;DR: In this paper, the authors consider two possible notions of authenticity for authenticated encryption schemes, namely integrity of plaintexts and integrity of ciphertexts, and relate them, when coupled with IND-CPA (indistinguishability under chosen-plaintext attack), to the standard notions of privacy IND-CCA and NMCPA, and provide proofs for the cases where the answer is "yes" and counter-examples for the answer "no".
Book ChapterDOI
The security of triple encryption and a framework for code-based game-playing proofs
Mihir Bellare,Phillip Rogaway +1 more
TL;DR: In this article, it was shown that triple encryption (the cascade of three independently-keyed blockciphers) is more secure than single or double encryption in the ideal-cipher model.
Journal Article
A provable-security treatment of the key-wrap problem
Phillip Rogaway,Thomas Shrimpton +1 more
TL;DR: It is suggested that key-wrap's goal is security in the sense of deterministic authenticated-encryption (DAE), and it is shown that a DAE scheme with a vector-valued header, such as SIV, directly realizes this goal.
References
More filters
Journal ArticleDOI
Communication theory of secrecy systems
TL;DR: A theory of secrecy systems is developed on a theoretical level and is intended to complement the treatment found in standard works on cryptography.
Proceedings ArticleDOI
Random oracles are practical: a paradigm for designing efficient protocols
Mihir Bellare,Phillip Rogaway +1 more
TL;DR: It is argued that the random oracles model—where all parties have access to a public random oracle—provides a bridge between cryptographic theory and cryptographic practice, and yields protocols much more efficient than standard ones while retaining many of the advantages of provable security.
Book
Randomized Algorithms
TL;DR: This book introduces the basic concepts in the design and analysis of randomized algorithms and presents basic tools such as probability theory and probabilistic analysis that are frequently used in algorithmic applications.
Proceedings ArticleDOI
Theory and application of trapdoor functions
TL;DR: A new information theory is introduced and the concept of trapdoor functions is studied and applications of such functions in cryptography, pseudorandom number generation, and abstract complexity theory are examined.
Journal ArticleDOI
Randomized Algorithms
TL;DR: For many applications, a randomized algorithm is either the simplest or the fastest algorithm available, and sometimes both. as discussed by the authors introduces the basic concepts in the design and analysis of randomized algorithms and provides a comprehensive and representative selection of the algorithms that might be used in each of these areas.
Related Papers (5)
Random oracles are practical: a paradigm for designing efficient protocols
Mihir Bellare,Phillip Rogaway +1 more