CMCC: Misuse Resistant Authenticated Encryption with Minimal Ciphertext Expansion
In some wireless environments, minimizing the size of messages is paramount due to the resulting significant energy savings. We present CMCC (CBC-MAC-CTR-CBC), an authenticated encryption scheme with associated data (AEAD) that is also nonce misuse resistant. The main focus for this work is minimizi...
| Main Author: | |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2018-12-01
|
| Series: | Cryptography |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2410-387X/2/4/42 |
| _version_ | 1798034995648921600 |
|---|---|
| author | Jonathan Trostle |
| author_facet | Jonathan Trostle |
| author_sort | Jonathan Trostle |
| collection | DOAJ |
| description | In some wireless environments, minimizing the size of messages is paramount due to the resulting significant energy savings. We present CMCC (CBC-MAC-CTR-CBC), an authenticated encryption scheme with associated data (AEAD) that is also nonce misuse resistant. The main focus for this work is minimizing ciphertext expansion, especially for short messages including plaintext lengths less than the underlying block cipher length (e.g., 16 bytes). For many existing AEAD schemes, a successful forgery leads directly to a loss of confidentiality. For CMCC, changes to the ciphertext randomize the resulting plaintext, thus forgeries do not necessarily result in a loss of confidentiality which allows us to reduce the length of the authentication tag. For protocols that send short messages, our scheme is similar to Synthetic Initialization Vector (SIV) mode for computational overhead but has much smaller expansion. We prove both a misuse resistant authenticated encryption (MRAE) security bound and an authenticated encryption (AE) security bound for CMCC. We also present a variation of CMCC, CWM (CMCC With MAC), which provides a further strengthening of the security bounds. |
| first_indexed | 2024-04-11T20:52:00Z |
| format | Article |
| id | doaj.art-789bfa97214a4fb4abc2e82c2d0bf83b |
| institution | Directory Open Access Journal |
| issn | 2410-387X |
| language | English |
| last_indexed | 2024-04-11T20:52:00Z |
| publishDate | 2018-12-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Cryptography |
| spelling | doaj.art-789bfa97214a4fb4abc2e82c2d0bf83b2022-12-22T04:03:49ZengMDPI AGCryptography2410-387X2018-12-01244210.3390/cryptography2040042cryptography2040042CMCC: Misuse Resistant Authenticated Encryption with Minimal Ciphertext ExpansionJonathan Trostle0Independent Researcher, Washington, DC 98684, USAIn some wireless environments, minimizing the size of messages is paramount due to the resulting significant energy savings. We present CMCC (CBC-MAC-CTR-CBC), an authenticated encryption scheme with associated data (AEAD) that is also nonce misuse resistant. The main focus for this work is minimizing ciphertext expansion, especially for short messages including plaintext lengths less than the underlying block cipher length (e.g., 16 bytes). For many existing AEAD schemes, a successful forgery leads directly to a loss of confidentiality. For CMCC, changes to the ciphertext randomize the resulting plaintext, thus forgeries do not necessarily result in a loss of confidentiality which allows us to reduce the length of the authentication tag. For protocols that send short messages, our scheme is similar to Synthetic Initialization Vector (SIV) mode for computational overhead but has much smaller expansion. We prove both a misuse resistant authenticated encryption (MRAE) security bound and an authenticated encryption (AE) security bound for CMCC. We also present a variation of CMCC, CWM (CMCC With MAC), which provides a further strengthening of the security bounds.https://www.mdpi.com/2410-387X/2/4/42energy constrained cryptographyauthenticated encryptionmisuse resistance |
| spellingShingle | Jonathan Trostle CMCC: Misuse Resistant Authenticated Encryption with Minimal Ciphertext Expansion Cryptography energy constrained cryptography authenticated encryption misuse resistance |
| title | CMCC: Misuse Resistant Authenticated Encryption with Minimal Ciphertext Expansion |
| title_full | CMCC: Misuse Resistant Authenticated Encryption with Minimal Ciphertext Expansion |
| title_fullStr | CMCC: Misuse Resistant Authenticated Encryption with Minimal Ciphertext Expansion |
| title_full_unstemmed | CMCC: Misuse Resistant Authenticated Encryption with Minimal Ciphertext Expansion |
| title_short | CMCC: Misuse Resistant Authenticated Encryption with Minimal Ciphertext Expansion |
| title_sort | cmcc misuse resistant authenticated encryption with minimal ciphertext expansion |
| topic | energy constrained cryptography authenticated encryption misuse resistance |
| url | https://www.mdpi.com/2410-387X/2/4/42 |
| work_keys_str_mv | AT jonathantrostle cmccmisuseresistantauthenticatedencryptionwithminimalciphertextexpansion |