PudgyTurtle Mode Resists Bit-Flipping Attacks
Cryptosystems employing a synchronous binary-additive stream cipher are susceptible to a generic attack called ‘bit-flipping’, in which the ciphertext is modified to decrypt into a fraudulent message. While authenticated encryption and message authentication codes can effectively negate this attack,...
Main Authors: | David A. August, Anne C. Smith |
---|---|
Format: | Article |
Language: | English |
Published: | MDPI AG, 2023-05-01 |
Series: | Cryptography |
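Subjects: | error-correcting code; non-systematic code; symmetric encryption; stream cipher; encryption modes; malleability |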
Online Access: | https://www.mdpi.com/2410-387X/7/2/25 |
_version_ | 1797595406047117312 |
---|---|
author | David A. August; Anne C. Smith |
collection | DOAJ |
description | Cryptosystems employing a synchronous binary-additive stream cipher are susceptible to a generic attack called ‘bit-flipping’, in which the ciphertext is modified to decrypt into a fraudulent message. While authenticated encryption and message authentication codes can effectively negate this attack, encryption modes can also provide partial protection against bit-flipping. PudgyTurtle is a stream-cipher mode which uses keystream to encode (via an error-correcting code) and to encipher (via modulo-2 addition). Here, we describe the behavior of this mode during bit-flipping attacks and demonstrate how it creates uncertainty about the number, positions, and identities of decrypted bits that will be affected. |
first_indexed | 2024-03-11T02:35:58Z |
format | Article |
id | doaj.art-99ac576f5a0d4321804ccee62e197550 |
institution | Directory Open Access Journal |
issn | 2410-387X |
language | English |
last_indexed | 2024-03-11T02:35:58Z |
publishDate | 2023-05-01 |
publisher | MDPI AG |
record_format | Article |
series | Cryptography |
spelling | doaj.art-99ac576f5a0d4321804ccee62e197550; 2023-11-18T09:55:36Z; eng; MDPI AG; Cryptography; 2410-387X; 2023-05-01; 7; 2; 25; 10.3390/cryptography7020025; PudgyTurtle Mode Resists Bit-Flipping Attacks; David A. August [0]; Anne C. Smith [1]; [0] Department of Anesthesia, Massachusetts General Hospital, Boston, MA 02114, USA; [1] Independent Researcher, Boston, MA 02114, USA; Cryptosystems employing a synchronous binary-additive stream cipher are susceptible to a generic attack called ‘bit-flipping’, in which the ciphertext is modified to decrypt into a fraudulent message. While authenticated encryption and message authentication codes can effectively negate this attack, encryption modes can also provide partial protection against bit-flipping. PudgyTurtle is a stream-cipher mode which uses keystream to encode (via an error-correcting code) and to encipher (via modulo-2 addition). Here, we describe the behavior of this mode during bit-flipping attacks and demonstrate how it creates uncertainty about the number, positions, and identities of decrypted bits that will be affected.; https://www.mdpi.com/2410-387X/7/2/25; error-correcting code; non-systematic code; symmetric encryption; stream cipher; encryption modes; malleability |
title | PudgyTurtle Mode Resists Bit-Flipping Attacks |
topic | error-correcting code; non-systematic code; symmetric encryption; stream cipher; encryption modes; malleability |
url | https://www.mdpi.com/2410-387X/7/2/25 |