Research article (Public Access)
DOI: 10.1145/2810103.2813636

Automated Analysis and Synthesis of Authenticated Encryption Schemes

Published: 12 October 2015

Abstract

Authenticated encryption (AE) schemes are symmetric-key encryption schemes ensuring strong notions of confidentiality and integrity. Although various AE schemes are known, there remains significant interest in developing schemes that are more efficient, meet even stronger security notions (e.g., misuse-resistance), or satisfy certain non-cryptographic properties (e.g., being patent-free).
We present an automated approach for analyzing and synthesizing blockcipher-based AE schemes, significantly extending prior work by Malozemoff et al. (CSF 2014) [19], who synthesized encryption schemes satisfying confidentiality only. Our main insight is to restrict attention to a certain class of schemes that is expressive enough to capture several known constructions yet also admits automated reasoning about security. We use our approach to generate thousands of AE schemes with provable security guarantees, both known (e.g., variants of OCB and CCM) and new. Implementing two of these new schemes, we find their performance competitive with state-of-the-art AE schemes.
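To make the two security notions the abstract contrasts concrete, here is an added illustration that is not code from the paper and not one of the schemes it synthesizes: a nonce-based Encrypt-then-MAC composition (the generic composition of [7]) next to a SIV-style misuse-resistant scheme, both built from a single PRF. HMAC-SHA256 stands in for the blockcipher-based PRF so the example runs with the standard library only; the keys, nonce, header and messages are constructed, and the function names (etm_encrypt, siv_encrypt, demo) are this example's own.

```python
import hashlib
import hmac


def prf(key: bytes, data: bytes) -> bytes:
    """Keyed PRF with 32-byte output. HMAC-SHA256 is a stand-in for the
    blockcipher-based PRF a real scheme would use (assumption of this example)."""
    return hmac.new(key, data, hashlib.sha256).digest()


def encode(*parts: bytes) -> bytes:
    """Length-prefix every field so (ad, nonce, data) tuples cannot collide
    across shifted field boundaries before being fed to the PRF."""
    return b"".join(len(p).to_bytes(8, "big") + p for p in parts)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def ctr_keystream(key: bytes, iv: bytes, n: int) -> bytes:
    """Counter mode: concatenate PRF(key, iv || ctr) blocks, truncate to n bytes."""
    out = b""
    ctr = 0
    while len(out) < n:
        out += prf(key, iv + ctr.to_bytes(4, "big"))
        ctr += 1
    return out[:n]


TAG_LEN = 16


def etm_encrypt(k_enc, k_mac, nonce, ad, msg):
    """Nonce-based Encrypt-then-MAC: CTR encryption, then a tag over
    (ad, nonce, ciphertext). Confidentiality holds only if nonces never repeat."""
    c = xor(msg, ctr_keystream(k_enc, nonce, len(msg)))
    tag = prf(k_mac, encode(ad, nonce, c))[:TAG_LEN]
    return c + tag


def etm_decrypt(k_enc, k_mac, nonce, ad, ct):
    if len(ct) < TAG_LEN:
        return None
    c, tag = ct[:-TAG_LEN], ct[-TAG_LEN:]
    expected = prf(k_mac, encode(ad, nonce, c))[:TAG_LEN]
    if not hmac.compare_digest(expected, tag):   # constant-time comparison
        return None                               # reject before decrypting
    return xor(c, ctr_keystream(k_enc, nonce, len(c)))


def siv_encrypt(k_enc, k_mac, nonce, ad, msg):
    """SIV-style misuse-resistant AE: the IV is a PRF of (ad, nonce, msg), so a
    repeated nonce reveals nothing unless the entire input repeats."""
    iv = prf(k_mac, encode(ad, nonce, msg))[:TAG_LEN]
    return iv + xor(msg, ctr_keystream(k_enc, iv, len(msg)))


def siv_decrypt(k_enc, k_mac, nonce, ad, ct):
    if len(ct) < TAG_LEN:
        return None
    iv, c = ct[:TAG_LEN], ct[TAG_LEN:]
    msg = xor(c, ctr_keystream(k_enc, iv, len(c)))
    # SIV must decrypt before it can verify; the candidate plaintext is
    # released only after the constant-time check on the IV/tag passes.
    if not hmac.compare_digest(prf(k_mac, encode(ad, nonce, msg))[:TAG_LEN], iv):
        return None
    return msg


def demo(k_enc=b"\x01" * 32, k_mac=b"\x02" * 32):
    """Constructed inputs; returns a dict of named checks, all expected True."""
    nonce, ad = b"\x00" * 12, b"hdr"
    m1, m2 = b"attack at dawn!!", b"retreat at noon!"
    r = {}
    ct = etm_encrypt(k_enc, k_mac, nonce, ad, m1)
    r["etm_roundtrip"] = etm_decrypt(k_enc, k_mac, nonce, ad, ct) == m1
    flipped = bytes([ct[0] ^ 1]) + ct[1:]
    r["etm_forgery_rejected"] = etm_decrypt(k_enc, k_mac, nonce, ad, flipped) is None
    r["etm_wrong_ad_rejected"] = etm_decrypt(k_enc, k_mac, nonce, b"x", ct) is None
    # Nonce misuse: same nonce, second message. The CTR keystreams coincide, so
    # XOR of the two ciphertexts equals XOR of the two plaintexts.
    c2 = etm_encrypt(k_enc, k_mac, nonce, ad, m2)
    r["etm_nonce_reuse_leaks_xor"] = xor(ct[:-TAG_LEN], c2[:-TAG_LEN]) == xor(m1, m2)
    s1 = siv_encrypt(k_enc, k_mac, nonce, ad, m1)
    s2 = siv_encrypt(k_enc, k_mac, nonce, ad, m2)
    r["siv_roundtrip"] = siv_decrypt(k_enc, k_mac, nonce, ad, s1) == m1
    tampered = s1[:-1] + bytes([s1[-1] ^ 1])
    r["siv_forgery_rejected"] = siv_decrypt(k_enc, k_mac, nonce, ad, tampered) is None
    # Under the same nonce the SIV ciphertexts use different IVs, so no XOR leak;
    # the only thing a repeated nonce reveals is equality of whole inputs.
    r["siv_nonce_reuse_no_xor_leak"] = xor(s1[TAG_LEN:], s2[TAG_LEN:]) != xor(m1, m2)
    r["siv_reuse_only_leaks_equality"] = s1 == siv_encrypt(k_enc, k_mac, nonce, ad, m1)
    return r


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The price of misuse-resistance is visible in the code: SIV reads the whole message twice (once for the IV, once for CTR) and cannot release plaintext before the full check, so it is neither online nor rate-1, which is exactly the efficiency trade-off the abstract alludes to.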

References

[1]
Joseph A. Akinyele, Matthew Green, and Susan Hohenberger. Using SMT solvers to automate design tasks for encryption and signature schemes. In ACM CCS 2013, pages 399--410, November 2013.
[2]
Joseph A. Akinyele, Matthew Green, Susan Hohenberger, and Matthew W. Pagano. Machine-generated algorithms, proofs and software for the batch verification of digital signature schemes. In ACM CCS 2012, pages 474--487, October 2012.
[3]
Elena Andreeva, Andrey Bogdanov, Atul Luykx, Bart Mennink, Elmar Tischhauser, and Kan Yasuda. Parallelizable and authenticated online ciphers. In Asiacrypt 2013, pages 424--443, December 2013.
[4]
Gilles Barthe, Juan Manuel Crespo, Benjamin Grégoire, César Kunz, Yassine Lakhnech, Benedikt Schmidt, and Santiago Zanella Béguelin. Fully automated analysis of padding-based encryption in the computational model. In ACM CCS 2013, pages 1247--1260, November 2013.
[5]
Gilles Barthe, Edvard Fagerholm, Dario Fiore, John C. Mitchell, Andre Scedrov, and Benedikt Schmidt. Automated analysis of cryptographic assumptions in generic group models. In Crypto 2014, pages 95--112, August 2014.
[6]
Gilles Barthe, Edvard Fagerholm, Dario Fiore, Andre Scedrov, Benedikt Schmidt, and Mehdi Tibouchi. Strongly-optimal structure preserving signatures from type II pairings: Synthesis and lower bounds. In PKC 2015, pages 355--376, March / April 2015.
[7]
Mihir Bellare and Chanathip Namprempre. Authenticated encryption: Relations among notions and analysis of the generic composition paradigm. Journal of Cryptology, 21(4):469--491, October 2008.
[8]
Mihir Bellare and Phillip Rogaway. The security of triple encryption and a framework for code-based game-playing proofs. In Eurocrypt 2006, pages 409--426, May / June 2006.
[9]
Dan Bernstein. Cryptographic competitions: CAESAR call for submissions, final (2014.01.27). http://competitions.cr.yp.to/caesar-call.html.
[10]
Morris Dworkin. Recommendations for block cipher modes of operation: The CCM mode for authentication and confidentiality. NIST Special Publication 800--38C, July 2007.
[11]
Ewan Fleischmann, Christian Forler, and Stefan Lucks. McOE: A family of almost foolproof on-line authenticated encryption schemes. In FSE 2012, pages 196--215, March 2012.
[12]
Virgil D. Gligor and Pompiliu Donescu. Fast encryption and authentication: XCBC encryption and XECB authentication modes. In FSE 2001, pages 92--108, April 2002.
[13]
Viet Tung Hoang, Jonathan Katz, and Alex J. Malozemoff. Automated analysis and synthesis of authenticated encryption schemes. Cryptology ePrint Archive, Report 2015/624, 2015. https://eprint.iacr.org/2015/624.
[14]
Tetsu Iwata, Keisuke Ohashi, and Kazuhiko Minematsu. Breaking and repairing GCM security proofs. In Crypto 2012, pages 31--49, August 2012.
[15]
Tetsu Iwata and Kan Yasuda. BTM: A single-key, inverse-cipher-free mode for deterministic authenticated encryption. In SAC 2009, pages 313--330, August 2009.
[16]
Jonathan Katz and Moti Yung. Unforgeable encryption and chosen ciphertext secure modes of operation. In FSE 2000, pages 284--299, April 2001.
[17]
Ted Krovetz and Phillip Rogaway. The software performance of authenticated-encryption modes. In FSE 2011, pages 306--327, February 2011.
[18]
Moses Liskov, Ronald L. Rivest, and David Wagner. Tweakable block ciphers. In Crypto 2002, pages 31--46, August 2002.
[19]
Alex J. Malozemoff, Jonathan Katz, and Matthew D. Green. Automated analysis and synthesis of block-cipher modes of operation. In IEEE CSF 2014, pages 140--152, July 2014.
[20]
David A. McGrew and John Viega. The security and performance of the Galois/counter mode (GCM) of operation. In Indocrypt 2004, pages 343--355, December 2004.
[21]
Kazuhiko Minematsu. Parallelizable rate-1 authenticated encryption from pseudorandom functions. In Eurocrypt 2014, pages 275--292, May 2014.
[22]
Phillip Rogaway. Authenticated-encryption with associated-data. In ACM CCS 2002, pages 98--107, November 2002.
[23]
Phillip Rogaway. Efficient instantiations of tweakable blockciphers and refinements to modes OCB and PMAC. In Asiacrypt 2004, pages 16--31, December 2004.
[24]
Phillip Rogaway. Nonce-based symmetric encryption. In FSE 2004, pages 348--359, February 2004.
[25]
Phillip Rogaway, Mihir Bellare, John Black, and Ted Krovetz. OCB: A block-cipher mode of operation for efficient authenticated encryption. In ACM CCS 2001, pages 196--205, November 2001.
[26]
Ashish Tiwari, Adrià Gascón, and Bruno Dutertre. Program synthesis using dual interpretation. In CADE 2015, August 2015.


Published In

CCS '15: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security
October 2015, 1750 pages
ISBN: 9781450338325
DOI: 10.1145/2810103

Publisher

Association for Computing Machinery, New York, NY, United States

    Badges

    • Best Paper

    Author Tags

    1. authenticated encryption
    2. symmetric encryption
    3. synthesis

    Acceptance Rates

    CCS '15 Paper Acceptance Rate 128 of 660 submissions, 19%;
    Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Cited By

• (2024) Formal Verification of Cryptosystems. Encyclopedia of Cryptography, Security and Privacy, pages 5--8. DOI 10.1007/978-3-642-27739-9_1673-1. Online publication date: 4 July 2024.
• (2022) CryptoSolve: Towards a Tool for the Symbolic Analysis of Cryptographic Algorithms. Electronic Proceedings in Theoretical Computer Science 370, pages 147--161. DOI 10.4204/EPTCS.370.10. Online publication date: 20 September 2022.
• (2022) Symbolic Synthesis of Indifferentiability Attacks. Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security, pages 667--681. DOI 10.1145/3488932.3497759. Online publication date: 30 May 2022.
• (2022) A Complete Characterization of Security for Linicrypt Block Cipher Modes. 2022 IEEE 35th Computer Security Foundations Symposium (CSF), pages 439--454. DOI 10.1109/CSF54842.2022.9919676. Online publication date: August 2022.
• (2022) Local XOR Unification: Definitions, Algorithms and Application to Cryptography. Theoretical Aspects of Computing – ICTAC 2022, pages 272--289. DOI 10.1007/978-3-031-17715-6_18. Online publication date: 3 October 2022.
• (2021) SoK: Computer-Aided Cryptography. 2021 IEEE Symposium on Security and Privacy (SP), pages 777--795. DOI 10.1109/SP40001.2021.00008. Online publication date: May 2021.
• (2021) Moving the Bar on Computationally Sound Exclusive-Or. Computer Security – ESORICS 2021, pages 275--295. DOI 10.1007/978-3-030-88428-4_14. Online publication date: 2 October 2021.
• (2021) Formal Analysis of Symbolic Authenticity. Frontiers of Combining Systems, pages 271--286. DOI 10.1007/978-3-030-86205-3_15. Online publication date: 1 September 2021.
• (2021) Algorithmic Problems in the Symbolic Approach to the Verification of Automatically Synthesized Cryptosystems. Frontiers of Combining Systems, pages 253--270. DOI 10.1007/978-3-030-86205-3_14. Online publication date: 1 September 2021.
• (2018) Development of Blowfish Encryption Scheme for Secure Data Storage in Public and Commercial Cloud Computing Environment. i-manager's Journal on Cloud Computing 5(2), page 1. DOI 10.26634/jcc.5.2.15690. Online publication date: 2018.