HCH: A New Tweakable Enciphering Scheme Using the Hash-Encrypt-Hash Approach

  • Debrup Chakraborty
  • Palash Sarkar
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4329)


The notion and the first construction of a tweakable enciphering scheme, called CMC, was presented by Halevi-Rogaway at Crypto 2003. In this paper, we present HCH, which is a new construction of such a scheme. The construction uses the hash-encrypt-hash approach introduced by Naor-Reingold. This approach has recently been used in the constructions of tweakable enciphering schemes HCTR and PEP. HCH has several advantages over the previous schemes CMC, EME, EME*, HCTR, and PEP. CMC, EME, and EME* use two block-cipher invocations per message block, while HCTR, PEP, and HCH use only one. PEP uses four multiplications per block, while HCTR and HCH use only two. In HCTR, the security bound is cubic, while in HCH security bound is quadratic.


modes of operations tweakable encryption strong pseudo-random permutation 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
  2. 2.
    Chakraborty, D., Sarkar, P.: A new mode of operation providing a tweakable strong pseudorandom permutation. In: Robshaw, M.J.B. (ed.) FSE 2006. LNCS, vol. 4047, pp. 293–309. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  3. 3.
    Halevi, S.: EME*: Extending EME to handle arbitrary-length messages with associated data. In: Canteaut, A., Viswanathan, K. (eds.) INDOCRYPT 2004. LNCS, vol. 3348, pp. 315–327. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  4. 4.
    Halevi, S., Rogaway, P.: A tweakable enciphering mode. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 482–499. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  5. 5.
    Halevi, S., Rogaway, P.: A parallelizable enciphering mode. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 292–304. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  6. 6.
    Liskov, M., Rivest, R.L., Wagner, D.: Tweakable block ciphers. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 31–46. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  7. 7.
    Naor, M., Reingold, O.: A pseudo-random encryption mode (manuscript), Available from:
  8. 8.
    Naor, M., Reingold, O.: On the construction of pseudorandom permutations: Luby-Rackoff revisited. J. Cryptology 12(1), 29–66 (1999)zbMATHCrossRefMathSciNetGoogle Scholar
  9. 9.
    Wang, P., Feng, D., Wu, W.: HCTR: A variable-input-length enciphering mode. In: Feng, D., Lin, D., Yung, M. (eds.) CISC 2005. LNCS, vol. 3822, pp. 175–188. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  10. 10.
    Wegman, M.N., Carter, L.: New hash functions and their use in authentication and set equality. J. Comput. Syst. Sci. 22(3), 265–279 (1981)zbMATHCrossRefMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Debrup Chakraborty
    • 1
  • Palash Sarkar
    • 2
  1. 1.Computer Science DepartmentCINVESTAV-IPNMexicoMexico
  2. 2.Applied Statistics UnitIndian Statistical InstituteKolkataIndia

Personalised recommendations