Cryptanalysis of the EPBC Authenticated Encryption Mode

  • Conference paper
Cryptography and Coding (Cryptography and Coding 2007)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 4887)

Abstract

A large variety of methods for using block ciphers, so-called ‘modes of operation’, have been proposed, including some designed to provide both confidentiality and integrity protection. Such modes, usually known as ‘authenticated encryption’ modes, are increasingly important given the variety of issues now known with the use of unauthenticated encryption. In this paper we show that a mode known as EPBC (Efficient error-Propagating Block Chaining), proposed in 1997 by Zúquete and Guedes, is insecure. Specifically, we show that given a modest amount of known plaintext for a single enciphered message, new enciphered messages can be constructed which will pass tests for authenticity. That is, we demonstrate a message forgery attack.

References

  1. Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)

  2. Bellare, M., Kohno, T., Namprempre, C.: Breaking and provably repairing the SSH authenticated encryption scheme: A case study of the encode-then-encrypt-and-MAC paradigm. ACM Transactions on Information and System Security 7, 206–241 (2004)

  3. Black, J., Urtubia, H.: Side-channel attacks on symmetric encryption schemes: The case for authenticated encryption. In: USENIX 2002. Proceedings of the 11th USENIX Security Symposium, San Francisco, CA, USA, August 5-9, 2002, pp. 327–338 (2002)

  4. Canvel, B., Hiltgen, A., Vaudenay, S., Vuagnoux, M.: Password interception in a SSL/TLS channel. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 583–599. Springer, Heidelberg (2003)

  5. Paterson, K.G., Yau, A.: Padding oracle attacks on the ISO CBC mode padding standard. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 305–323. Springer, Heidelberg (2004)

  6. Vaudenay, S.: Security flaws induced by CBC padding — Applications to SSL, IPSEC, WTLS. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 534–545. Springer, Heidelberg (2002)

  7. Yau, A.K.L., Paterson, K.G., Mitchell, C.J.: Padding oracle attacks on CBC-mode encryption with secret and random IVs. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 299–319. Springer, Heidelberg (2005)

  8. Rogaway, P., Bellare, M., Black, J.: OCB: A block-cipher mode of operation for efficient authenticated encryption. ACM Transactions on Information and System Security 6, 365–403 (2003)

  9. Bellare, M., Rogaway, P., Wagner, D.: The EAX mode of operation. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 389–407. Springer, Heidelberg (2004)

  10. National Institute of Standards and Technology (NIST): NIST Special Publication 800-38C, Recommendation for Block Cipher Modes of Operation: The CCM Mode For Authentication and Confidentiality (2004)

  11. Whiting, D., Housley, R., Ferguson, N.: RFC 3610, Counter with CBC-MAC (CCM). Internet Engineering Task Force (2003)

  12. International Organization for Standardization Genève, Switzerland: ISO/IEC 3rd CD 19772, Information technology — Security techniques — Authenticated encryption mechanisms (2007)

  13. Dent, A.W., Mitchell, C.J.: User’s Guide to Cryptography and Standards. Artech House (2005)

  14. Zúquete, A., Guedes, P.: Efficient error-propagating block chaining. In: Darnell, M. (ed.) Cryptography and Coding. LNCS, vol. 1355, pp. 323–334. Springer, Heidelberg (1997)

  15. Mitchell, C.J.: Cryptanalysis of two variants of PCBC mode when used for message integrity. In: Boyd, C., González Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 560–571. Springer, Heidelberg (2005)

  16. International Organization for Standardization Genève, Switzerland: ISO/IEC 18033–3, Information technology — Security techniques — Encryption algorithms — Part 3: Block ciphers (2005)

Editor information

Steven D. Galbraith

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Mitchell, C.J. (2007). Cryptanalysis of the EPBC Authenticated Encryption Mode. In: Galbraith, S.D. (eds) Cryptography and Coding. Cryptography and Coding 2007. Lecture Notes in Computer Science, vol 4887. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77272-9_8

  • DOI: https://doi.org/10.1007/978-3-540-77272-9_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-77271-2

  • Online ISBN: 978-3-540-77272-9

  • eBook Packages: Computer Science, Computer Science (R0)
