Manticore and CS mode : parallelizable encryption with joint cipher-state authentication.

Torgerson, Mark Dolan; Draelos, Timothy J.; Schroeppel, Richard; Miller, Russell D.; Beaver, Cheryl; Anderson, William Erik

doi:10.2172/919631

2004

DOI: 10.2172/919631

|View full text |Cite

Manticore and CS mode : parallelizable encryption with joint cipher-state authentication.

Mark Dolan Torgerson¹,

Timothy J. Draelos²,

Richard Schroeppel³

et al.

Abstract: We describe a new mode of encryption with inexpensive authentication, which uses information from the internal state of the cipher to provide the authentication. Our algorithms have a number of benefits: 1) the encryption has properties similar to CBC mode, yet the encipherment and authentication can be parallelized and/or pipelined, 2) the authentication overhead is minimal, and 3) the authentication process remains resistant against some IV reuse. We offer a Manticore class of authenticated encryption algori… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...

Citation Types

Supporting

Mentioning

Contrasting

Year Published

2013

Publication Types

Select...

Book1

Relationship

Self Cite0

Independent1

Authors

Journals

Cited by 1 publication

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

Attacking and Fixing the CS Mode

Sui

Zhang

et al. 2013

Information and Communications Security

View full text Add to dashboard Cite

The security of the Cipher-State (CS) mode was proposed to NIST as an authenticated encryption (AE) scheme in 2004. The usual SPRP blockcipher security for AE schemes may not guarantee its security. By constructing a special SPRP, one can easily make a key-recovery attack with a single block query. The distinguishing attacks and the forgery attacks can also be made with simpler SPRP constructions. The security flaw relies in the method for generating initial whitening values. To fix this shortcoming, we propose a modified version CS* which incorporates a new method for generating initial whitening values, while keeping the main structure of CS unchanged. As we show, CS* is secure when its underlying blockcipher is an SPRP and halves of which are unpredictable.

show abstract

Attacking and Fixing the CS Mode

Sui

Zhang

et al. 2013

Information and Communications Security

View full text Add to dashboard Cite

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Manticore and CS mode : parallelizable encryption with joint cipher-state authentication.

Cited by 1 publication

References 18 publications

Attacking and Fixing the CS Mode

Attacking and Fixing the CS Mode

Contact Info

Product

Resources

About