  • 刘刚,王鹏,魏荣,叶顶锋.再论Hash-ECB-Hash结构在线密码的构造[J].信息安全学报,已采用    [点击复制]
  • liugang,wangpeng,weirong,yedingfeng.Revisiting Construction of Online Cipher in Hash-ECB-Hash Structure[J].Journal of Cyber Security,Accept   [点击复制]
【打印本页】 【下载PDF全文】 查看/发表评论下载PDF阅读器关闭

过刊浏览    高级检索

本文已被:浏览 1396次   下载 303  
刘刚1, 王鹏1, 魏荣2, 叶顶锋1
关键词:  在线密码  POE  Hash-ECB-Hash结构  在线泛哈希函数  在线认证加密方案
Revisiting Construction of Online Cipher in Hash-ECB-Hash Structure
liugang1, wangpeng1, weirong2, yedingfeng1
(1.Institute of Information Engineering, Chinese Academy of Sciences;2.Beijing Statellite Information Engineer Institute)
Online cipher is an important primitive in many cryptographic schemes, such as authenticated encryption schemes. Con-sidering performance and security, the Hash-ECB-Hash structure provides a potential way to construct parallelizable and CCA secure online cipher. In this paper, we start from the online cipher POE, which is the only instantiation of Hash-ECB-Hash structure in the literature. However, the AXU property of hash function in the hash layer cannot guaran-tee the security of POE as it claimed. In order to thwart the attacks to POE, the output-collision probability of the com-ponent function of the hash layer should be negligible. Then we propose a new concept of online universal hash function (OUHF) including online almost universal (OAU) and online almost XOR universal (OAXU) hash function for the hash layer to meet the condition and prove that the Hash-ECB-Hash structure is CCA secure, if the hash layer is online almost universal (OAU) and the underlying block cipher is CCA secure. We also give several concrete constructions of OAU hash functions, including the CFB and CBC modes. We also give a construction, named MCFB, based on finite field multiplication function and a construction named XCH by chaining the operation XOR of input and output. Using secure online cipher, we construct a simple online authenticated encryption schemes, revisit the security notions of online au-thenticated encryption and prove our scheme is secure for its privacy and integrity.
Key words:  online cipher  POE  Hash-ECB-Hash structure  online universal hash function  online authenticated encryption