[PDF] Top 20 Tweakable Blockciphers with Beyond Birthday-Bound Security
Has 10000 "Tweakable Blockciphers with Beyond Birthday-Bound Security" found on our website. Below are the top 20 most common "Tweakable Blockciphers with Beyond Birthday-Bound Security".
Tweakable Blockciphers with Beyond Birthday-Bound Security
... a tweakable- PRP. One might hope that the security bound for TBCMAC[ E] e is better than for CBC-MAC over an n-bit blockci- pher, since the former is intuitively a “stronger” object than the ... See full document
28
Generic Attacks against Beyond-Birthday-Bound MACs
... Alternatively, a probabilistic MAC uses a random coin for the extra value, which is usually called a salt, and must be transmitted with the MAC. Proba- bilistic MACs have the advantage that they can stay secure when ... See full document
30
Improved Masking for Tweakable Blockciphers with Applications to Authenticated Encryption
... In this work, we revisit the principle of masking. We do so alongside the introduction of the tweakable Even-Mansour construction MEM. Its masking function combines the advantages of word-oriented LFSR- and ... See full document
39
On Beyond-Birthday-Bound Security: Revisiting the Development of ISO/IEC 9797-1 MACs
... of birthday bound on the con- catenation combiner of two CBC-like ...a security of at most birthday bound, and cannot amplify the security of underlying single-pass CBC-like MAC ... See full document
23
One-Key Compression Function Based MAC with Security beyond Birthday Bound
... the security bound. However, we note that this bound is comparable to that of [43] for light-weight applications in which ` is usually to be ... See full document
26
Collision Attacks against CAESAR Candidates -- Forgery and Key-Recovery against AEZ and Marble
... some security in the case of nonce ...prevent birthday attacks on the internal chain, and uses reduced-round AES as building ...claims security against nonce-repetition, and against release of ... See full document
24
Short Variable Length Domain Extenders With Beyond Birthday Bound Security
... the birthday bound, and for all but one construction this bound is known to be ...achieves beyond the birthday bound security for the domain [n, ...LDT, beyond the ... See full document
30
Limited-birthday Distinguishers for Hash Functions - Collisions Beyond the Birthday Bound can be Meaningful
... well beyond the birthday ...complexity beyond the 2 n/2 birthday ...the security of many hash functions needs to be reevaluated ... See full document
21
Under Pressure: Security of Caesar Candidates beyond their Guarantees
... guarantee security up to the so called birthday-bound; for AES-based AE schemes, this means processing no more than about 2 64 blocks of data per key and making no more than 2 64 encryption ... See full document
24
Revisiting Full-PRF-Secure PMAC and Using It for Beyond-Birthday Authenticated Encryption
... a beyond-birthday-bound (BBB) AE scheme based on a tweak- able block cipher under a single ...BBB security as long as nonces never repeat. However, the security of the nonce- IV-based ... See full document
22
Encrypt or Decrypt? To Make a Single-Key Beyond Birthday Secure Nonce-Based MAC
... of security degrada- tion due to the PRF-PRP switch [6] which tells that a PRF can be replaced by a PRP up to quadratic degradation in security (often called “birthday bound ...of ... See full document
40
ZCZ - Achieving n-bit SPRP Security with a Minimal Number of Tweakable-block-cipher Calls
... -bit security — most in fact are only secure up to the birthday ...of security is not a small step, but rather a ...this security, we believe that our encryption scheme is an exciting addition ... See full document
46
On Stream Ciphers with Provable Beyond-the-Birthday-Bound Security against Time-Memory-Data Tradeoff Attacks
... 6. Christophe De Canni` ere and Bart Preneel. Trivium - specifications (eSTREAM). Technical report, ECRYPT (European Network of Excellence for Cryptology), 2005. ... See full document
45
Tweakable Blockciphers with Asymptotically Optimal Security
... for tweakable block- ciphers similar to the “two weak make one strong” theorem for the composition of usual ...tight bound in the computational setting as in [15], however subtle problems have been recently ... See full document
19
Tweakable Block Ciphers Secure Beyond the Birthday Bound in the Ideal Cipher Model
... Tweakable block ciphers can either be designed from scratch [4, 5, 17], or be built upon off-the-shelf cryptographic primitives such as block ciphers and (public) permutations [3, 8, 11, 14]. In this work, we will ... See full document
30
Tweak-Length Extension for Tweakable Blockciphers
... has security beyond the birthday bound, which is the first scheme with this property which does not use ...chains. Tweakable variants of Even-Mansour cipher [11] are studied by Cogliati, ... See full document
20
Beyond-Birthday-Bound Security for Tweakable Even-Mansour Ciphers with Linear Tweak and Key Mixing
... the tweakable setting? In more details, we know how to deliver n/2 bits of security with an n-bit master key [CS15, FP15] and this paper shows how to reach 2n/3 bits of security with a 2n-bit master ... See full document
27
Wide Tweakable Block Ciphers Based on Substitution-Permutation Networks: Security Beyond the Birthday Bound
... The tweakable enciphering modes of operations have applications to disk encryption that protects the confidentiality of data stored on a sector-addressable device such as a hard ...the birthday bound ... See full document
32
Optimally Secure Tweakable Blockciphers
... of tweakable blockciphers by Liskov et ...art beyond birthday bound solutions, in the key size and in the efficiency as long as key renewal is reasonably ... See full document
21
Counter-in-Tweak: Authenticated Encryption Modes for Tweakable Block Ciphers
... a tweakable block cipher into a nonce-based authenticated encryption scheme (with associated ...underlying tweakable block cipher rather than on the plaintext ...provable security beyond the ... See full document
37
Related subjects