International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Encryption Modes with Almost Free Message Integrity

Authors:
Charanjit S. Jutla
Download:
URL: http://eprint.iacr.org/2000/039
Search ePrint
Search Google
Abstract: We define a new mode of operation for block encryption which in addition to assuring confidentiality also assures message integrity. In contrast, previously for message integrity a separate pass was required to compute a cryptographic message authentication code (MAC). The new mode of operation, called Integrity Aware CBC (IACBC), requires a total of m + log m block encryptions on a plaintext of length m blocks. The well known CBC (cipher block chaining) mode requires m block encryptions. The second pass of computing the MAC essentially requires additional m block encryptions. We also show a lower bound of \Omega(log m) additional block encryptions for any reasonably modeled (linear) scheme which assures message integrity along with confidentiality.
BibTeX
@misc{eprint-2000-11383,
  title={Encryption Modes with Almost Free Message Integrity},
  booktitle={IACR Eprint archive},
  keywords={secret-key cryptography / Block cipher, CBC, authentication, MAC, modes of operation},
  url={http://eprint.iacr.org/2000/039},
  note={ csjutla@watson.ibm.com 11170 received 1 Aug 2000},
  author={Charanjit S. Jutla},
  year=2000
}