Skip to main content
SpringerLink
Log in

The Relation Between CENC and NEMO

  • Conference paper
  • First Online:
Cryptology and Network Security (CANS 2018)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11124))

Included in the following conference series:

  • 903 Accesses

Abstract

Counter mode encryption uses a blockcipher to generate a key stream, which is subsequently used to encrypt data. The mode is known to achieve security up to the birthday bound. In this work we consider two approaches in literature to improve it to beyond birthday bound security: CENC by Iwata (FSE 2006) and its generalization NEMO by Lefranc et al. (SAC 2007). Whereas recent discoveries on CENC argued optimal security, the state of the art of NEMO is still sub-optimal. We draw connections among various instantiations of CENC and NEMO, and particularly prove that the improved optimal security bound on the CENC family carries over to a large class of variants of NEMO. We further conjecture that it also applies to the remaining variants, and discuss bottlenecks in proving so.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    This follows from looking at the modes at a pseudorandom function level, i.e., isolating the pseudorandom function \(F_k(N) = E_k(N\Vert 0)\oplus E_k(N\Vert 1)\) from the mode.

  2. 2.

    In this work we are only concerned with binary linear codes.

References

  1. Bellare, M., Desai, A., Jokipii, E., Rogaway, P.: A concrete security treatment of symmetric encryption. In: 38th Annual Symposium on Foundations of Computer Science, FOCS 1997, Miami Beach, Florida, USA, 19–22 October 1997, pp. 394–403. IEEE Computer Society (1997). https://doi.org/10.1109/SFCS.1997.646128

  2. Bellare, M., Impagliazzo, R.: A tool for obtaining tighter security analyses of pseudorandom function based constructions, with applications to PRP to PRF conversion. Cryptology ePrint Archive, Report 1999/024 (1999). http://eprint.iacr.org/1999/024

  3. Bellare, M., Krovetz, T., Rogaway, P.: Luby-Rackoff backwards: increasing security by making block ciphers non-invertible. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 266–280. Springer, Heidelberg (1998). https://doi.org/10.1007/BFb0054132

    Chapter  Google Scholar 

  4. Bhattacharya, S., Nandi, M.: Revisiting variable output length XOR pseudorandom function. IACR Trans. Symmetric Cryptol. 2018(1), 314–335 (2018). https://doi.org/10.13154/tosc.v2018.i1.314-335

    Article  Google Scholar 

  5. Dai, W., Hoang, V.T., Tessaro, S.: Information-theoretic indistinguishability via the Chi-squared method. In: Katz and Shacham [8], pp. 497–523. https://doi.org/10.1007/978-3-319-63697-9_17

  6. Iwata, T.: New blockcipher modes of operation with beyond the birthday bound security. In: Robshaw, M. (ed.) FSE 2006. LNCS, vol. 4047, pp. 310–327. Springer, Heidelberg (2006). https://doi.org/10.1007/11799313_20

    Chapter  Google Scholar 

  7. Iwata, T., Mennink, B., Vizár, D.: CENC is optimally secure. Cryptology ePrint Archive, Report 2016/1087 (2016). http://eprint.iacr.org/2016/1087

  8. Katz, J., Shacham, H. (eds.): CRYPTO 2017. LNCS, vol. 10403. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63697-9

    Book  MATH  Google Scholar 

  9. Lefranc, D., Painchault, P., Rouat, V., Mayer, E.: A generic method to design modes of operation beyond the birthday bound. In: Adams, C., Miri, A., Wiener, M. (eds.) SAC 2007. LNCS, vol. 4876, pp. 328–343. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-77360-3_21

    Chapter  Google Scholar 

  10. Lucks, S.: The sum of PRPs is a secure PRF. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 470–484. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-45539-6_34

    Chapter  Google Scholar 

  11. Mennink, B., Neves, S.: Encrypted Davies-Meyer and its dual: towards optimal security using mirror theory. In: Katz and Shacham [8], pp. 556–583. https://doi.org/10.1007/978-3-319-63697-9_19

  12. Nachef, V., Patarin, J., Volte, E.: Feistel Ciphers - Security Proofs and Cryptanalysis. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-49530-9

    Book  MATH  Google Scholar 

  13. Patarin, J.: On linear systems of equations with distinct variables and small block size. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 299–321. Springer, Heidelberg (2006). https://doi.org/10.1007/11734727_25

    Chapter  Google Scholar 

  14. Patarin, J.: A proof of security in O(2n) for the Xor of two random permutations. In: Safavi-Naini, R. (ed.) ICITS 2008. LNCS, vol. 5155, pp. 232–248. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85093-9_22

    Chapter  MATH  Google Scholar 

  15. Patarin, J.: Introduction to mirror theory: analysis of systems of linear equalities and linear non equalities for cryptography. Cryptology ePrint Archive, Report 2010/287 (2010). http://eprint.iacr.org/2010/287

  16. Singleton, R.C.: Maximum distance q-nary codes. IEEE Trans. Inf. Theory 10(2), 116–118 (1964). https://doi.org/10.1109/TIT.1964.1053661

    Article  MathSciNet  MATH  Google Scholar 

  17. Vermani, L.R.: Elements of Algebraic Coding Theory. CRC Press, Boca Raton (1996)

    Book  Google Scholar 

Download references

Acknowledgments

Bart Mennink is supported by a postdoctoral fellowship from the Netherlands Organisation for Scientific Research (NWO) under Veni grant 016.Veni.173.017.

Author information

Authors and Affiliations

  1. Digital Security Group, Radboud University, Nijmegen, The Netherlands

    Bart Mennink

Authors
  1. Bart Mennink
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Bart Mennink .

Editor information

Editors and Affiliations

  1. IBM Research - Zurich, Rüschlikon, Switzerland

    Jan Camenisch

  2. KTH Royal Institute of Technology, Stockholm, Sweden

    Panos Papadimitratos

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Mennink, B. (2018). The Relation Between CENC and NEMO. In: Camenisch, J., Papadimitratos, P. (eds) Cryptology and Network Security. CANS 2018. Lecture Notes in Computer Science(), vol 11124. Springer, Cham. https://doi.org/10.1007/978-3-030-00434-7_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-00434-7_9

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-00433-0

  • Online ISBN: 978-3-030-00434-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation