An Authenticated Encryption scheme is used to guarantee both privacy and authenticity of digital data. At FSE 2014, an authenticated encryption scheme called CLOC was proposed. CLOC is designed to handle short input data efficiently without needing heavy precomputation nor large memory. This is achieved by making various cases of different treatments in the encryption process depending on the input data. Five tweak functions are used to handle the conditional branches, and they are designed to satisfy 55 differential probability constraints, which are used in the security proof of CLOC. In this paper, we show that all these 55 constraints are necessary. This shows the design optimality of the tweak functions in CLOC in that the constraints cannot be relaxed, and hence the specification of the tweak functions cannot be simplified.
Hayato KOBAYASHI
Nagoya University
Kazuhiko MINEMATSU
NEC Corporation
Tetsu IWATA
Nagoya University
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Hayato KOBAYASHI, Kazuhiko MINEMATSU, Tetsu IWATA, "Optimality of Tweak Functions in CLOC" in IEICE TRANSACTIONS on Fundamentals,
vol. E98-A, no. 10, pp. 2152-2164, October 2015, doi: 10.1587/transfun.E98.A.2152.
Abstract: An Authenticated Encryption scheme is used to guarantee both privacy and authenticity of digital data. At FSE 2014, an authenticated encryption scheme called CLOC was proposed. CLOC is designed to handle short input data efficiently without needing heavy precomputation nor large memory. This is achieved by making various cases of different treatments in the encryption process depending on the input data. Five tweak functions are used to handle the conditional branches, and they are designed to satisfy 55 differential probability constraints, which are used in the security proof of CLOC. In this paper, we show that all these 55 constraints are necessary. This shows the design optimality of the tweak functions in CLOC in that the constraints cannot be relaxed, and hence the specification of the tweak functions cannot be simplified.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.E98.A.2152/_p
Copy
@ARTICLE{e98-a_10_2152,
author={Hayato KOBAYASHI, Kazuhiko MINEMATSU, Tetsu IWATA, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Optimality of Tweak Functions in CLOC},
year={2015},
volume={E98-A},
number={10},
pages={2152-2164},
abstract={An Authenticated Encryption scheme is used to guarantee both privacy and authenticity of digital data. At FSE 2014, an authenticated encryption scheme called CLOC was proposed. CLOC is designed to handle short input data efficiently without needing heavy precomputation nor large memory. This is achieved by making various cases of different treatments in the encryption process depending on the input data. Five tweak functions are used to handle the conditional branches, and they are designed to satisfy 55 differential probability constraints, which are used in the security proof of CLOC. In this paper, we show that all these 55 constraints are necessary. This shows the design optimality of the tweak functions in CLOC in that the constraints cannot be relaxed, and hence the specification of the tweak functions cannot be simplified.},
keywords={},
doi={10.1587/transfun.E98.A.2152},
ISSN={1745-1337},
month={October},}
Copy
TY - JOUR
TI - Optimality of Tweak Functions in CLOC
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 2152
EP - 2164
AU - Hayato KOBAYASHI
AU - Kazuhiko MINEMATSU
AU - Tetsu IWATA
PY - 2015
DO - 10.1587/transfun.E98.A.2152
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E98-A
IS - 10
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - October 2015
AB - An Authenticated Encryption scheme is used to guarantee both privacy and authenticity of digital data. At FSE 2014, an authenticated encryption scheme called CLOC was proposed. CLOC is designed to handle short input data efficiently without needing heavy precomputation nor large memory. This is achieved by making various cases of different treatments in the encryption process depending on the input data. Five tweak functions are used to handle the conditional branches, and they are designed to satisfy 55 differential probability constraints, which are used in the security proof of CLOC. In this paper, we show that all these 55 constraints are necessary. This shows the design optimality of the tweak functions in CLOC in that the constraints cannot be relaxed, and hence the specification of the tweak functions cannot be simplified.
ER -