Block Cipher Modes

• Introductions
  • Block Cipher Modes (Savard)
• Counter mode
  • Comments to NIST Concerning AES Modes of Operations: CTR-Mode Encryption (Helger Lipmaa, Phillip Rogaway, David Wagner, 2000)
  • Attacks on Additive Encryption of Redundant Plaintext and Implications on Internet Security (David A. McGrew and Scott R.Fluhrer, SAC 2000)
  • Segmented Integer Counter Mode: Specification and Rationale (David McGrew, 2000, manuscript)
  • Concrete Security Analysis of CTR-OFB and CTR-CFB Modes of Operation (Jaechul Sung, Sangjin Lee, Jongin Lim, Wonik Lee, Okyeon Yi)
  • Counter Mode Security: Analysis and Recommendations (David A. McGrew)
  • High Efficiency Counter Mode Security Architecture via Prediction and Precomputation (Weidong Shi, Hsien-Hsin S. Lee, Mrinmoy Ghosh, Chenghuai Lu, Alexandra Boldyreva, ISCA 2005)
• Self-synchronizing modes
  • Optimized Self-Synchronizing Mode of Operation (Ammar Alkassar, Alexander Geraldy, Birgit Pfitzmann, Ahmad-Reza Sadeghi, FSE 2001)
  • Comparison of Two Self-Synchronizing Cipher Modes (Fang Yang and Howard M. Heys, 2004)
• All-or-Nothing Transforms and Exposure-Resilient Functions []
  • All-Or-Nothing Encryption and The Package Transform (Ronald Rivest, 1997)
  • Something About All or Nothing (Transforms) (Stinson, 1999)
  • On the Security Properties of OAEP as an All-or-nothing Transform (Victor Boyko, Crypto '99)
  • Exposure-Resilient Functions and All-Or-Nothing Transforms (Canetti, Dodis, Halevi, Kushilevitz, Sahai, Eurocrypt 2000)
  • Optimal Lower Bound for Perfect All-Or-Nothing Transforms (Dodis, Sahai, Smith, 2000)
  • The Security of All-Or-Nothing Encryption: Protecting Against Exhaustive Key Search (Desai, Crypto 2000)
  • PCBC Attack (David Wagner)
• Modes for weakly secure block ciphers
  • Expanding Pseudorandom Functions; or: From Known-Plaintext Security to Chosen-Plaintext Security (Ivan B. Damgård and Jesper Buus Nielsen, Crypto 2002)
• Large-block modes
  • Papers
    • Tweakable Enciphering Modes for Sector-Level Encryption (Halevi, Rogaway, 2002)
    • A tweakable encryption mode (Rogaway, Halevi, 2003)
    • A Parallelizable Enciphering Mode (Shai Halevi, Phillip Rogaway)
  • Overviews
    • Discussion on Space-Efficient Block Storage Integrity
• FIPS
  • DES Modes of Operation (FIP 81)
  • DES Modes of Operation (FIP 81, change)
  • Recommendation for Block Cipher Modes of Operation (draft) (NIST, 2001)
• Symmetric Key Block Cipher Modes of Operation Workshop (AES related)
  • NIST Modes of Operation 2nd workshop
• @Authenticated Encryption (XCBC, XECB, IAPM, OCB etc)
• Cryptanalysis
  • Cryptanalysis of Multiple Modes of Operation (Eli Biham, JoC 1998)
    • Alternative download
  • Cryptanalysis of Triple-Modes of Operation (Eli Biham, 1996)
  • Cryptanalysis of the ANSI X9.52 CBCM Mode (Eli Biham, Lars Knudsen)
  • Birthday attack on CBC (Serge Vaudenay)
  • A Concrete Security Treatment of Symmetric Encryption: Analysis of the DES Modes of Operation (Mihir Bellare, Anand Desai, Eron Jokipii and Phillip Rogaway })
• Markus Jakobsson, Julien P. Stern, Moti Yung, 1999 (05.10.00)
• Why key = iv is bad?
  • Key as IV broken (David Wagner)
  • Key as IV broken (again) (David Wagner)
  • See also
    • Reconciling two views of cryptography (The computational soundness of formal encryption) (Martin Abadi and Phillip Rogaway, 2000)

---

Cryptology Pointers by Helger Lipmaa
Got any suggestions or additional links? Mail to <helger.lipmaa>gmail.com
NB! If you find any broken links, please be kind and report them to me together with their current location!

(C) Helger Lipmaa 1997-2009.