The Counter mode with encrypted nonces and its extension to authenticated encryption
Matematičeskie voprosy kriptografii, Volume 11 (2020) no. 2, pp. 7-24. This article was harvested from the source Math-Net.Ru

In the modified CTR (Counter) mode known as CTR2, nonces are encrypted before constructing sequences of counters from them. This way we have only probabilistic guarantees for non-overlapping of the sequences. We show that these guarantees, and therefore the security guarantees of CTR2, are strong enough in two standard scenarios: random nonces and non-repeating nonces. We also show how to extend CTR2 to an authenticated encryption mode which we call CHE (Counter-Hash-Encrypt). To extend, we use one invocation of polynomial hashing and one additional block encryption.
@article{MVK_2020_11_2_a1,
     author = {S. V. Agievich},
     title = {The {Counter} mode with encrypted nonces and~its~extension~to~authenticated encryption},
     journal = {Matemati\v{c}eskie voprosy kriptografii},
     pages = {7--24},
     year = {2020},
     volume = {11},
     number = {2},
     language = {en},
     url = {http://geodesic.mathdoc.fr/item/MVK_2020_11_2_a1/}
}
S. V. Agievich. The Counter mode with encrypted nonces and its extension to authenticated encryption. Matematičeskie voprosy kriptografii, Volume 11 (2020) no. 2, pp. 7-24. http://geodesic.mathdoc.fr/item/MVK_2020_11_2_a1/
