Cryptanalysis of the EPBC authenticated encryption mode

Chris J. Mitchell

(2007)

Abstract

A large variety of methods for using block ciphers, so called 'modes of operation', have been proposed, including some designed to provide both confidentiality and integrity protection. Such modes, usually known as 'authenticated encryption' modes, are increasingly important given the variety of issues now known with the use of unauthenticated encryption. In this paper we show that a mode known as EPBC (Efficient error-Propagating Block Chaining), proposed in 1997 by Zuquete and Guedes, is insecure. Specifically, we show that, given a modest amount of known plaintext for a single enciphered message, new enciphered messages can be constructed which will pass tests for authenticity. That is, we demonstrate a message forgery attack.

Information about this Version

This is a Draft version
This version's date is: 20/12/2007
This item is peer reviewed

Link to this Version

https://repository.royalholloway.ac.uk/items/3b441a31-76b0-a1d2-5a03-999bca6963c9/1/

Item Type: Conference Item (Paper)
Title: Cryptanalysis of the EPBC authenticated encryption mode
Authors: Mitchell, Chris
Departments: Faculty of Science\Mathematics

Identifiers

ISBN: 978-3-540-77271-2

Deposited by Al Dean (ZSRA118) on 08-Mar-2010 in Royal Holloway Research Online. Last modified on 08-Mar-2010

Notes

(C) 2007 Springer Verlag Ltd, whose permission to mount this version for private study and research is acknowledged. The repository version is the author's final draft.

References

1. Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)

2. Bellare, M., Kohno, T., Namprempre, C.: Breaking and provably repairing the SSH authenticated encryption scheme: A case study of the encode-then-encrypt-and-MAC paradigm. ACM Transactions on Information and System Security 7 (2004) 206–241

3. Black, J., Urtubia, H.: Side-channel attacks on symmetric encryption schemes: The case for authenticated encryption. In: Proceedings of the 11th USENIX Security Symposium, San Francisco, CA, USA, August 5-9, 2002, USENIX (2002) 327–338

4. Canvel, B., Hiltgen, A., Vaudenay, S., Vuagnoux, M.: Password interception in a SSL/TLS channel. In Boneh, D., ed.: Advances in Cryptology - CRYPTO 2003, 23rd Annual International Cryptology Conference, Santa Barbara, California, USA, August 17-21, 2003, Proceedings. Volume 2729 of Lecture Notes in Computer Science, Springer-Verlag, Berlin (2003) 583–599

5. Paterson, K.G., Yau, A.: Padding oracle attacks on the ISO CBC mode padding standard. In Okamoto, T., ed.: Topics in Cryptology - CT-RSA 2004, The Cryptographers' Track at the RSA Conference 2004, San Francisco, CA, USA, February 23-27, 2004, Proceedings. Volume 2964 of Lecture Notes in Computer Science, Springer-Verlag, Berlin (2004) 305–323

6. Vaudenay, S.: Security flaws induced by CBC padding - Applications to SSL, IPSEC, WTLS... In Knudsen, L., ed.: Advances in Cryptology - EUROCRYPT 2002, International Conference on the Theory and Applications of Cryptographic Techniques, Amsterdam, The Netherlands, April 28 - May 2, 2002, Proceedings. Volume 2332 of Lecture Notes in Computer Science, Springer-Verlag, Berlin (2002) 534–545

7. Yau, A.K.L., Paterson, K.G., Mitchell, C.J.: Padding oracle attacks on CBC-mode encryption with secret and random IVs. In Gilbert, H., Handschuh, H., eds.: Fast Software Encryption, 12th International Workshop, FSE 2005, Paris, France, February 21-23, 2005, Revised Papers. Volume 3557 of Lecture Notes in Computer Science, Springer-Verlag, Berlin (2005) 299–319

8. Rogaway, P., Bellare, M., Black, J.: OCB: A block-cipher mode of operation for efficient authenticated encryption. ACM Transactions on Information and System Security 6 (2003) 365–403

9. Bellare, M., Rogaway, P., Wagner, D.: The EAX mode of operation. In Roy, B., Meier, W., eds.: Fast Software Encryption, 11th International Workshop, FSE 2004, Delhi, India, February 5-7, 2004, Revised Papers. Volume 3017 of Lecture Notes in Computer Science, Springer-Verlag, Berlin (2004) 389–407

10. National Institute of Standards and Technology (NIST): NIST Special Publication 800-38C, Recommendation for Block Cipher Modes of Operation: The CCM Mode for Authentication and Confidentiality (2004)

11. Whiting, D., Housley, R., Ferguson, N.: RFC 3610, Counter with CBC-MAC (CCM). Internet Engineering Task Force (2003)

12. International Organization for Standardization, Genève, Switzerland: ISO/IEC 3rd CD 19772, Information technology - Security techniques - Authenticated encryption mechanisms (2007)

13. Dent, A.W., Mitchell, C.J.: User's Guide to Cryptography and Standards. Artech House (2005)

14. Zuquete, A., Guedes, P.: Efficient error-propagating block chaining. In Darnell, M., ed.: Cryptography and Coding, 6th IMA International Conference, Cirencester, UK, December 17-19, 1997, Proceedings. Volume 1355 of Lecture Notes in Computer Science, Springer-Verlag, Berlin (1997) 323–334

15. Mitchell, C.J.: Cryptanalysis of two variants of PCBC mode when used for message integrity. In Boyd, C., Gonzalez Nieto, J.M., eds.: Information Security and Privacy, 10th Australasian Conference, ACISP 2005, Brisbane, Australia, July 4-6, 2005, Proceedings. Volume 3574 of Lecture Notes in Computer Science, Springer-Verlag, Berlin (2005) 560–571

16. International Organization for Standardization, Genève, Switzerland: ISO/IEC 18033-3, Information technology - Security techniques - Encryption algorithms - Part 3: Block ciphers (2005)
