Symmetric Nonce Respecting Security Model and the MEM Mode of Operation
The MEM mode is a nonce-based encryption mode of operation proposed by Chakraborty and Sarkar, which was claimed to be secure against symmetric nonce respecting adversaries. We first compare this security model with two similar models and then show that MEM is not secure under symmetric respecting attacks. One attack needs one decryption and one encryption queries, and the other only needs one encryption query.
KeywordsBlockcipher tweakable blockcipher modes of operation nonce-based encryption security model
Unable to display preview. Download preview PDF.
- 2.Chakraborty, D., Sarkar, P.: A new mode of encryption secure against symmetric nonce respecting adversaries. In: Robshaw, M.J.B. (ed.) FSE 2006. LNCS, vol. 4047, pp. 293–309. Springer, Heidelberg (2006); Cryptology ePrint Archive, Report 2006/062 (2006), http://eprint.iacr.org/ CrossRefGoogle Scholar
- 9.Rogaway, P.: The EMD mode of operation (tweaked, wide-blocksize, strong PRP) (2002), http://eprint.iacr.org/2002/148.pdf
- 12.Rogaway, P., Bellare, M., Black, J., Krovetz, T.: OCB: a block-cipher mode of operation for efficient authenticated encryptiona. In: Proceedings of the 8th ACM Conference on Computer and Communications Security, pp. 196–205 (2001)Google Scholar