Ciphertext verification security of symmetric encryption schemes

This paper formally discusses the security problem caused by the ciphertext verification, presenting a new security notion named IND-CVA (indistinguishability under ciphertext verification attacks) to characterize the privacy of encryption schemes in this situation. Allowing the adversary to access...

Full description

Saved in:
Bibliographic Details
Published in:Science China. Information sciences 2009-09, Vol.52 (9), p.1617-1631
Main Authors: Hu, ZhenYu, Sun, FuChun, Jiang, JianChun
Format: Article
Language:English
Subjects:
Algorithms
Computer Science
Cybersecurity
Encryption
Information Systems and Communication Service
Privacy
Verification
安全计划
对称加密
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:This paper formally discusses the security problem caused by the ciphertext verification, presenting a new security notion named IND-CVA (indistinguishability under ciphertext verification attacks) to characterize the privacy of encryption schemes in this situation. Allowing the adversary to access to both encryption oracle and ciphertext verification oracle, the new notion IND-CVA is slightly stronger than IND-CPA (indistinguishability under chosen-plaintext attacks) but much weaker than IND-CCA (indistin- guishability under chosen-ciphertext attacks), and can be satisfied by most of the popular symmetric encryption schemes such as OTP (one-time-pad), CBC (cipher block chaining) and CTR (counter). An MAC (message authentication scheme) is usually combined with an encryption to guarantee secure communication (e.g. SSH, SSL and IPSec). However, with the notion of IND-CVA, this paper shows that a secure MAC can spoil the privacy in some cases.
ISSN:1009-2757
1674-733X
1862-2836
1869-1919
DOI:10.1007/s11432-009-0158-x