Topic

Authenticated encryption

About: Authenticated encryption is a research topic. Over the lifetime, 1328 publications have been published within this topic receiving 25968 citations. The topic is also known as: AEAD & Authenticated Encryption with Associated Data.


Papers
Journal Article
TL;DR: The notion of ciphertext origin authentication to determine who encrypted the message (initiated a re-encryption) is introduced and how to fulfil this requirement in practice is shown.
Abstract: Proxy Re-Encryption (PRE) allows a ciphertext encrypted under Alice’s public key to be transformed to an encryption under Bob’s public key without revealing either the plaintext or the decryption keys. PRE schemes have clear applications to cryptographic access control by allowing outsourced data to be selectively shared to users via re-encryption to appropriate keys. One concern for this application is that the server should not be able to perform unauthorised re-encryptions. We argue that current security notions do not adequately address this concern. We revisit existing definitions for PRE, starting by challenging the concept of unidirectionality, which states that re-encryption tokens from A to B cannot be used to re-encrypt from B to A. We strengthen this definition to reflect realistic scenarios in which adversaries may try to reverse a re-encryption by retaining information about prior ciphertexts and re-encryption tokens. We then strengthen the adversarial model to consider malicious adversaries that may collude with corrupt users and attempt to perform unauthorised re-encryptions; this models a malicious cloud service provider aiming to subvert the re-encryption process to leak sensitive data. Finally we revisit the notion of authenticated encryption for PRE. This currently assumes the same party who created the message also encrypted it, which is not necessarily the case in re-encryption. We thus introduce the notion of ciphertext origin authentication to determine who encrypted the message (initiated a re-encryption) and show how to fulfil this requirement in practice.

6 citations

Journal ArticleDOI
TL;DR: A new encryption mode for block cipher algorithms, which is based on the Plaintext Cipher Block Chaining (from now on, PCBC) mode, which supplies, apart from confidentiality, fast integrity checking with a minimum computational cost, which makes it eminently suitable for ensuring data integrity in GIS systems and at the same time assuring some other GIS requirements.

6 citations

Patent
24 Nov 2010
TL;DR: In this paper, the authors proposed a short message service (SMS) authenticated encryption system and method based on a digital certificate, which can authenticate the received SMS contents, ensure the sent contents not to be falsified and ensure the authenticity of the senders.
Abstract: The invention relates to a short message service (SMS) authenticated encryption system and method based on a digital certificate. The SMS authenticated encryption system comprises an SMS authentication center, an authenticated mechanism SMS center and a mobile phone. A digital certificate management service unit of the SMS authentication center provides procedures generated by the unique digital certificate of the authenticated mechanism according to the user identification, thus ensuring the safety of the digital certificate. The digital certificate is used for safety of two-way SMS communication. In the invention, the way that a plurality of different receivers respectively carry out encrypted transmission according to own keys based on the SMS numbers can be realized by only installing an SMS authentication and encryption procedure in the common mobile phone as the SMS authentication and encryption client. The invention can authenticate the received SMS contents, ensure the sent contents not to be falsified and ensure the authenticity of the senders, has good confidentiality, changes less existing SMS systems, occupies less resources, is easy to realize and can be applied to such fields as financial transactions, etc.

6 citations

Journal ArticleDOI
TL;DR: The duplexing interface of the duplex mode is generalized, which encompasses Beetle as well as a new sponge-type mode SpoC, called Transform-then-Permute, which achieves the desired security with 64-bit rate.
Abstract: The sponge duplex is a popular mode of operation for constructing authenticated encryption schemes. In fact, one can assess the popularity of this mode from the fact that around 25 out of the 56 round 1 submissions to the ongoing NIST lightweight cryptography (LwC) standardization process are based on this mode. Among these, 14 sponge-type constructions are selected for the second round consisting of 32 submissions. In this paper, we generalize the duplexing interface of the duplex mode, which we call Transform-then-Permute. It encompasses Beetle as well as a new sponge-type mode SpoC (both are round 2 submissions to NIST LwC). We show a tight security bound for Transform-then-Permute based on $b$-bit permutation, which reduces to finding an exact estimation of the expected number of multi-chains (defined in this paper). As a corollary of our general result, authenticated encryption advantage of Beetle and SpoC is about $T(D + r2^r)/2^b$ where $T$, $D$ and $r$ denote the number of offline queries (related to time complexity of the attack), number of construction queries (related to data complexity) and rate of the construction (related to efficiency). Previously the same bound has been proved for Beetle under the limitation that $T \ll \min\{2^r, 2^{b/2}\}$ (that compels to choose larger permutation with higher rate). In the context of NIST LwC requirement, SpoC based on 192-bit permutation achieves the desired security with 64-bit rate, which is not achieved by either duplex or Beetle (as per the previous analysis).

6 citations


Network Information
Related Topics (5)
Public-key cryptography
27.2K papers, 547.7K citations
90% related
Cryptography
37.3K papers, 854.5K citations
89% related
Encryption
98.3K papers, 1.4M citations
86% related
Hash function
31.5K papers, 538.5K citations
84% related
Authentication
74.7K papers, 867.1K citations
83% related
Performance
Metrics
No. of papers in the topic in previous years
Year    Papers
2023    19
2022    52
2021    67
2020    109
2019    111
2018    97