Abstract | ||
---|---|---|
We investigate the all-or-nothing encryption paradigm which was introduced by Rivest as a new mode of operation for block ciphers. The paradigm involves composing an all-or-nothing transform (AONT) with an ordinary encryption mode. The goal is to have secure encryption modes with the additional property that exhaustive key-search attacks on them are slowed down by a factor equal to the number of blocks in the ciphertext. We give a new notion concerned with the privacy of keys that provably captures this key-search resistance property. We suggest a new characterization of AONTs and establish that the resulting all-or-nothing encryption paradigm yields secure encryption modes that also meet this notion of key privacy. A consequence of our new characterization is that we get more efficient ways of instantiating the all-or-nothing encryption paradigm. We describe a simple block-cipher-based AONT and prove it secure in the Shannon Model of a block cipher. We also give attacks against alternate paradigms that were believed to have the above keysearch resistance property. |
Year | DOI | Venue |
---|---|---|
2000 | 10.1007/3-540-44598-6_23 | CRYPTO |
Keywords | Field | DocType |
exhaustive key search,new mode,secure encryption mode,all-or-nothing encryption,ordinary encryption mode,new characterization,encryption mode,all-or-nothing encryption paradigm yield,block cipher,alternate paradigm,new notion,all-or-nothing encryption paradigm,it security | Multiple encryption,Computer science,Computer security,Attribute-based encryption,Deterministic encryption,Plaintext-aware encryption,Encryption,Theoretical computer science,40-bit encryption,Probabilistic encryption,On-the-fly encryption | Conference |
Volume | ISSN | ISBN |
1880 | 0302-9743 | 3-540-67907-3 |
Citations | PageRank | References |
40 | 2.42 | 15 |
Authors | ||
1 |