Author_Institution :
DGA, Univ. de Versailles St-Quentin-en-Yvelines, Versailles, France
Abstract :
In 2002, in two independent papers, Bellare, Kohno, and Namprempre and Joux, Martinet, and Valette introduced the notion of blockwise security for modes of operations. This notion stems from common practice, since in many applications, modes of operation for block ciphers do not process messages as atomic entities but in a incremental manner, block after block. Soon afterward, several papers showed that many modes of operation are already blockwise secure and that others can be made secure by simple modifications. In this paper, we revisit these results, by comparing possible attacks on modes of operation after the birthday bound is reached. Amusingly, in spite having essentially identical security proofs up to this bound, modes of operation in the blockwise model behave very differently than their counterparts in the regular model, once the birthday paradox bound is crossed.
Keywords :
cryptography; telecommunication security; birthday bound; block ciphers; blockwise security; Application software; Broadcasting; Computer security; Cryptography; Data security; Dissolved gas analysis; Hardware; Information security; Secure storage; Blockwise security; cycle finding algorithms; modes of operation;
