PudgyTurtle Mode Resists Bit-Flipping Attacks
Cryptosystems employing a synchronous binary-additive stream cipher are susceptible to a generic attack called ’bit-flipping’, in which the ciphertext is modified to decrypt into a fraudulent message. While authenticated encryption and message authentication codes can effectively negate this attack,...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2023-05-01
|
| Series: | Cryptography |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2410-387X/7/2/25 |
| _version_ | 1797595406047117312 |
|---|---|
| author | David A. August Anne C. Smith |
| author_facet | David A. August Anne C. Smith |
| author_sort | David A. August |
| collection | DOAJ |
| description | Cryptosystems employing a synchronous binary-additive stream cipher are susceptible to a generic attack called ’bit-flipping’, in which the ciphertext is modified to decrypt into a fraudulent message. While authenticated encryption and message authentication codes can effectively negate this attack, encryption modes can also provide partial protection against bit-flipping. PudgyTurtle is a stream-cipher mode which uses keystream to encode (via an error-correcting code) and to encipher (via modulo-2 addition). Here, we describe the behavior of this mode during bit-flipping attacks and demonstrate how it creates uncertainty about the number, positions, and identities of decrypted bits that will be affected. |
| first_indexed | 2024-03-11T02:35:58Z |
| format | Article |
| id | doaj.art-99ac576f5a0d4321804ccee62e197550 |
| institution | Directory Open Access Journal |
| issn | 2410-387X |
| language | English |
| last_indexed | 2024-03-11T02:35:58Z |
| publishDate | 2023-05-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Cryptography |
| spelling | doaj.art-99ac576f5a0d4321804ccee62e1975502023-11-18T09:55:36ZengMDPI AGCryptography2410-387X2023-05-01722510.3390/cryptography7020025PudgyTurtle Mode Resists Bit-Flipping AttacksDavid A. August0Anne C. Smith1Department of Anesthesia, Massachusetts General Hospital, Boston, MA 02114, USAIndependent Researcher, Boston, MA 02114, USACryptosystems employing a synchronous binary-additive stream cipher are susceptible to a generic attack called ’bit-flipping’, in which the ciphertext is modified to decrypt into a fraudulent message. While authenticated encryption and message authentication codes can effectively negate this attack, encryption modes can also provide partial protection against bit-flipping. PudgyTurtle is a stream-cipher mode which uses keystream to encode (via an error-correcting code) and to encipher (via modulo-2 addition). Here, we describe the behavior of this mode during bit-flipping attacks and demonstrate how it creates uncertainty about the number, positions, and identities of decrypted bits that will be affected.https://www.mdpi.com/2410-387X/7/2/25error-correcting codenon-systematic codesymmetric encryptionstream cipherencryption modesmalleability |
| spellingShingle | David A. August Anne C. Smith PudgyTurtle Mode Resists Bit-Flipping Attacks Cryptography error-correcting code non-systematic code symmetric encryption stream cipher encryption modes malleability |
| title | PudgyTurtle Mode Resists Bit-Flipping Attacks |
| title_full | PudgyTurtle Mode Resists Bit-Flipping Attacks |
| title_fullStr | PudgyTurtle Mode Resists Bit-Flipping Attacks |
| title_full_unstemmed | PudgyTurtle Mode Resists Bit-Flipping Attacks |
| title_short | PudgyTurtle Mode Resists Bit-Flipping Attacks |
| title_sort | pudgyturtle mode resists bit flipping attacks |
| topic | error-correcting code non-systematic code symmetric encryption stream cipher encryption modes malleability |
| url | https://www.mdpi.com/2410-387X/7/2/25 |
| work_keys_str_mv | AT davidaaugust pudgyturtlemoderesistsbitflippingattacks AT annecsmith pudgyturtlemoderesistsbitflippingattacks |