Paper 2014/1003

COFFE: Ciphertext Output Feedback Faithful Encryption

Christian Forler, David McGrew, Stefan Lucks, and Jakob Wenzel

Abstract

In this paper we introduce the first authenticated encryption scheme based on a hash function, called COFFE. This research has been motivated by the challenge to fit secure cryptography into constrained devices -- some of these devices have to use a hash function, anyway, and the challenge is to avoid the usage of an additional block cipher to provide authenticated encryption. COFFE satisfies the common security requirements regarding authenticated encryption, i.e., IND-CPA- and INT-CTXT-security. Beyond that, it provides the following additional security features: resistance against side-channel attacks and INT-CTXT security in the nonce-misuse scenario. It also support failure-friendly authentication under reasonable assumptions.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
authenticated encryptionprovable securityside-channelinternet of things.
Contact author(s)
christian forler @ uni-weimar de
History
2014-12-18: received
Short URL
https://ia.cr/2014/1003
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/1003,
      author = {Christian Forler and David McGrew and Stefan Lucks and Jakob Wenzel},
      title = {COFFE: Ciphertext Output Feedback Faithful Encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2014/1003},
      year = {2014},
      note = {\url{https://eprint.iacr.org/2014/1003}},
      url = {https://eprint.iacr.org/2014/1003}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.