© Institution of Engineering and Technology
We describe a forgery attack on the RPC incremental unforgeable encryption scheme. The attack allows an adversary to forge a new ciphertext with probability 1/2 using $2^{r/2}$ incremental update queries, where r is the parameter of random values used in the RPC scheme and is at most half the block length of the block cipher used. However, the original analysis claimed that on the order of $2^{r}$ queries would be needed. When applying the attack to the scheme using a block cipher with 128-bit block length and assuming r = 48 as suggested in the original article of the RPC scheme, the adversary can obtain a forgery with probability 1/2 after $2^{24}$ update queries. Even in the case of a 256-bit RPC scheme with r = 64, the required number of queries is only $2^{32}$. We also propose two methods to strengthen the RPC scheme for defeating the proposed attack.
References
1) Buonanno, E., Katz, J., Yung, M.: 'Incremental unforgeable encryption', FSE 2001, April 2001, Yokohama, Japan, p. 109–124, LNCS 2355.
2) Katz, J., Yung, M.: 'Unforgeable encryption and chosen ciphertext secure modes of operation', FSE 2000, April 2000, New York, NY, USA, p. 284–299, LNCS 1978.
3) Bellare, M., Goldreich, O., Goldwasser, S.: 'Incremental cryptography: The case of hashing and signing', Proc. Advances in Cryptology–Crypto 94, August 1994, Santa Barbara, California, p. 216–233, LNCS 839.
4) Bellare, M., Micciancio, D.: 'A new paradigm for collision-free hashing: incrementality at reduced cost', Proc. Advances in Cryptology–Eurocrypt 97, May 1997, Konstanz, Germany, p. 163–192, LNCS 1233.
5) Bellare, M., Namprempre, C.: 'Authenticated encryption: relations among notions and analysis of the generic composition paradigm', Proc. Advances in Cryptology–ASIACRYPT 2000, December 2000, Kyoto, Japan, p. 531–545, LNCS 1976.
6) Jutla, C.S.: 'Encryption modes with almost free message integrity', Proc. Advances in Cryptology–EUROCRYPT 2001, May 2001, Innsbruck, Austria, p. 529–544, LNCS 2045.