On the soundness of authenticate-then-encrypt: Formalizing the malleability of symmetric encryption

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2010, Pages 505-515

  Maurer, Ueli ^a   Tackmann, Björn ^a  

^a ETH ZURICH   (Switzerland)

Author keywords

Security; Theory

Indexed keywords

AUTHENTICATED CHANNEL; COMMUNICATION CHANNEL; ENCRYPTION SCHEMES; MESSAGE AUTHENTICATION CODES; NATURAL SIMULATION; SECURE CHANNELS; SECURITY; SECURITY MECHANISM; SECURITY PROPERTIES; STREAM CIPHERS; SYMMETRIC ENCRYPTION; SYSTEMATIC ANALYSIS; THEORY;

AUTHENTICATION; NETWORK SECURITY;

CRYPTOGRAPHY;

EID: 78649995406     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1866307.1866364     Document Type: Conference Paper

References (29)

1. M. Bellare, R. Canetti, and H. Krawczyk. Keying hash functions for message authentication. In N. Koblitz, editor, Advances in Cryptology - CRYPTO 1996, volume 1109 of LNCS, pages 1-15. IACR, Springer-Verlag, 1996.
2. M. Bellare, A. Desai, E. Jokipii, and P. Rogaway. A concrete security treatment of symmetric encryption. In Proceedings of the 38th Symposium on Foundations of Computer Science, pages 394-403. IEEE, 1997.
3. M. Bellare, A. Desai, D. Pointcheval, and P. Rogaway. Relations among notions of security for public-key encryption schemes. In H. Krawczyk, editor, Advances in Cryptology - CRYPTO 1998, volume 1462 of LNCS, pages 26-45. IACR, Springer-Verlag, 1998.
4. M. Bellare, J. Kilian, and P. Rogaway. The security of the cipher block chaining authentication code. Journal of Computer and System Sciences, 61(3):362-399, 2000.
5. M. Bellare and C. Namprempre. Authenticated encryption: Relations among notions and analysis of the generic composition paradigm. In T. Okamoto, editor, Advances in Cryptology - ASIACRYPT 2000, volume 1976 of LNCS, pages 531-545. IACR, Springer, 2000. Journal version in [6].
6. M. Bellare and C. Namprempre. Authenticated encryption: Relations among notions and analysis of the generic composition paradigm. Journal of Cryptology, 21(4):469-491, October 2008.
7. R. Canetti. Universally composable security: A new paradigm for cryptographic protocols. In Proceedings of the 42nd IEEE Symposium on Foundations of Computer Science, pages 136-145. IEEE, 2001. Extended version in [8].
8. R. Canetti. Universally composable security: A new paradigm for cryptographic protocols. Cryptology ePrint Archive, Report 2000/067, December 2005.
9. R. Canetti and H. Krawczyk. Analysis of key-exchange protocols and their use for building secure channels. In B. Pfitzmann, editor, Advances in Cryptology - EUROCRYPT 2001, volume 2045 of LNCS, pages 453-474. IACR, Springer-Verlag, 2001.
10. R. Canetti and H. Krawczyk. Universally composable notions of key exchange and secure channels. In L. R. Knudsen, editor, Advances in Cryptology - EUROCRYPT 2002, volume 3027 of LNCS, pages 337-351. IACR, Springer-Verlag, 2002.
11. R. Canetti, H. Krawczyk, and J. B. Nielsen. Relaxing chosen-ciphertext security. In D. Boneh, editor, Advances in Cryptology - CRYPTO 2003, volume 2729 of LNCS, pages 565-582. IACR, Springer-Verlag, 2003.
12. T. Dierks and E. Rescorla. The Transport Layer Security (TLS) protocol version 1.2. RFC 5246, August 2008.
13. D. Dolev, C. Dwork, and M. Naor. Non-malleable cryptography. SIAM Journal on Computing, 30(2):391-437, 2000.
14. N. Ferguson and B. Schneier. Practical Cryptography. Wiley, 2003.
15. V. D. Gligor, P. Donescu, and J. Katz. On message integrity in symmetric encryption. Manuscript, February 2002.
16. J. Katz and M. Yung. Unforgeable encryption and chosen ciphertext secure modes of operation. In B. Schneier, editor, FSE 2000, volume 1978 of LNCS, pages 284-299. IACR, Springer-Verlag, 2000.
17. H. Krawczyk. The order of encryption and authentication for protecting communications. In J. Kilian, editor, Advances in Cryptology - CRYPTO 2001, volume 2139 of LNCS, pages 310-331. IACR, Springer-Verlag, 2001.
18. U. Maurer. Indistinguishability of random systems. In L. R. Knudsen, editor, Advances in Cryptology - EUROCRYPT 2002, volume 2332 of LNCS, pages 110-132. IACR, Springer-Verlag, 2002.
19. U. Maurer. Constructive cryptography-a primer. In R. Sion, R. Curtmola, S. Dietrich, A. Kiayias, J. M. Miret, K. Sako, and F. Sebé, editors, Financial Cryptography and Data Security, volume 6054 of LNCS, page 1. Springer-Verlag, 2010.
20. U. Maurer, K. Pietrzak, and R. Renner. Indistinguishability amplification. In A. Menezes, editor, Advances in Cryptology - CRYPTO 2007, volume 4622 of LNCS, pages 130-149. Springer-Verlag, Aug. 2007.
21. U. Maurer and R. Renner. Abstract cryptography. In preparation, 2010.
22. U. Maurer, R. Renner, and S. Wolf. Unbreakable keys from random noise. In P. Tuyls, B. Škoric, and T. Kevenaar, editors, Security with Noisy Data, pages 21-44. Springer-Verlag, 2007.
23. U. Maurer and P. Schmid. A calculus for security bootstrapping in distributed systems. Journal of Computer Security, 4(1):55-80, 1996.
24. B. Pfitzmann and M. Waidner. A model for asynchronous reactive systems and its application to secure message transmission. In Proceedings of the 2001 IEEE Symposium on Security and Privacy, pages 184-200. IEEE, 2001.
25. M. Ray and S. Dispensa. Renegotiating TLS. Preprint, November 2009.
26. P. Rogaway. Authenticated encryption with associated data. In ACM Conference on Computer and Communications Security, pages 98-107. ACM Press, 2002.
27. P. Rogaway, M. Bellare, and J. Black. OCB: A block-cipher mode of operation for efficient symmetric encryption. ACM Transactions on Information and System Security (TISSEC), 6(3):365-403, August 2003.
28. S. Vaudenay. Security flaws induced by CBC padding - applications to SSL, IPSEC, WTLS... In L. R. Knudsen, editor, Advances in Cryptology - EUROCRYPT 2002, volume 2332 of LNCS, pages 534-545. IACR, Springer-Verlag, 2002.
29. D. Whiting, R. Housley, and N. Ferguson. Counter with CBC-MAC (CCM). Submission to NIST, June 2002.