< Terug naar vorige pagina
Short non-malleable codes from related-key secure block ciphers
Tijdschriftbijdrage - Tijdschriftartikel
© 2018, Ruhr-Universitat Bochum. All rights reserved. A non-malleable code is an unkeyed randomized encoding scheme that offers the strong guarantee that decoding a tampered codeword either results in the original message, or in an unrelated message. We consider the simplest possible construction in the computational split-state model, which simply encodes a message m as k|| ɛ k (m) for a uniformly random key k, where ɛ is a block cipher. This construction is comparable to, but greatly simplifies over, the one of Kiayias et al. (ACM CCS 2016), who eschewed this simple scheme in fear of related-key attacks on ɛ. In this work, we prove this construction to be a strong non-malleable code as long as ɛ is (i) a pseudorandom permutation under leakage and (ii) related-key secure with respect to an arbitrary but fixed key relation. Both properties are believed to hold for “good” block ciphers, such as AES-128, making this non-malleable code very efficient with short codewords of length |m| + 2τ (where τ is the security parameter, e.g., 128 bits), without significant security penalty.
Tijdschrift: IACR Transactions on Symmetric Cryptology
Pagina's: 336 - 352
Jaar van publicatie:2018