Post-quantum Security of the CBC, CFB, OFB, CTR, and XTS Modes of Operation.

Mayuresh Anand, Ehsan Ebrahimi Targhi, Gelo Noel Tabia, Dominique Unruh
University of Tartu
February 4, 2016
Table of contents

1 Motivation
2 Results
3 Tools
4 Proof sketch: Quantum security of CBC mode using qPRF
5 Insecurity of CBC using standard secure PRF under quantum attack
6 Bibliography
  Thank You
Motivation

- Being optimistic about the emergence of quantum computers, we want to evaluate the security of classical crypto-systems under attack by quantum adversaries.
- We analyze the security of the cipher modes of operation CBC, CFB, OFB, CTR, and XTS.
- These modes are chosen as per the recommendations in the 2013 ENISA [2] (1) report on encryption algorithms.

(1) European Union Agency for Network and Information Security 2013.
Results

Mode of operation | Classical IND-CPA? | Standard (quantum) IND-CPA? | IND-qCPA? (with PRF) | IND-qCPA? (with qPRF)
ECB               | no                 | no                          | no                   | no
CBC               | yes                | yes                         | no                   | yes
CFB               | yes                | yes                         | no                   | yes
OFB               | yes                | yes                         | yes                  | yes
CTR               | yes                | yes                         | yes                  | yes
XTS               | unknown            | unknown                     | "no in spirit"       | unknown

Table: Summary of our results. "No in spirit" means that there is an attack using superposition queries that does not formally violate IND-qCPA.
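Added example (not code from the slides or from the paper's authors): toy implementations of the CBC, CFB, OFB and CTR modes over a single block function E, each recording the values it feeds into E. It makes visible the structural difference behind the "IND-qCPA? (with PRF)" column: in CBC and CFB the inputs to E depend on the message blocks (so a superposition of messages reaches the block function), while in OFB and CTR they depend only on the IV or on nonce-plus-counter, so E is only ever evaluated on classical, message-independent inputs. The block function E (a 4-round Feistel network over HMAC-SHA256), the helper names, and all keys, IVs and messages are constructed for this example; E is a stand-in chosen to be invertible and dependency-free, not a real cipher.

```python
"""Toy CBC/CFB/OFB/CTR modes over a block function E, with a trace of the
inputs each mode feeds to E.  Added example, not the paper's code.
Assumption: E is a 4-round Feistel network built from HMAC-SHA256, chosen
only to be invertible and dependency-free; it is not a real block cipher."""
import hashlib
import hmac

BLOCK = 16          # block size in bytes
HALF = BLOCK // 2   # Feistel half-block
ROUNDS = 4


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _round(key, r, half):
    # Round function: keyed PRF (HMAC) of the round index and one half-block.
    return hmac.new(key, bytes([r]) + half, hashlib.sha256).digest()[:HALF]


def E(key, x):
    """Toy block cipher (a permutation on 16-byte blocks)."""
    L, R = x[:HALF], x[HALF:]
    for r in range(ROUNDS):
        L, R = R, xor(L, _round(key, r, R))
    return L + R


def D(key, y):
    """Inverse of E; only CBC decryption needs it."""
    L, R = y[:HALF], y[HALF:]
    for r in reversed(range(ROUNDS)):
        L, R = xor(R, _round(key, r, L)), L
    return L + R


def _blocks(data):
    if len(data) % BLOCK:
        raise ValueError("input must be a whole number of blocks")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def _note(trace, x):
    # Record the value about to be fed into E (used to compare the modes).
    if trace is not None:
        trace.append(x)


def cbc_encrypt(key, iv, m, trace=None):
    prev, out = iv, []
    for mb in _blocks(m):
        x = xor(mb, prev)            # E sees plaintext XOR previous ciphertext
        _note(trace, x)
        prev = E(key, x)
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key, iv, c):
    prev, out = iv, []
    for cb in _blocks(c):
        out.append(xor(D(key, cb), prev))
        prev = cb
    return b"".join(out)


def cfb_encrypt(key, iv, m, trace=None):
    prev, out = iv, []
    for mb in _blocks(m):
        _note(trace, prev)           # E sees the previous ciphertext block
        prev = xor(mb, E(key, prev))
        out.append(prev)
    return b"".join(out)


def cfb_decrypt(key, iv, c):
    prev, out = iv, []
    for cb in _blocks(c):
        out.append(xor(cb, E(key, prev)))
        prev = cb
    return b"".join(out)


def ofb_encrypt(key, iv, m, trace=None):
    s, out = iv, []
    for mb in _blocks(m):
        _note(trace, s)              # E sees only the running keystream state
        s = E(key, s)
        out.append(xor(mb, s))
    return b"".join(out)


ofb_decrypt = ofb_encrypt            # OFB decryption is the same operation


def ctr_encrypt(key, nonce, m, trace=None):
    n, out = int.from_bytes(nonce, "big"), []
    for i, mb in enumerate(_blocks(m)):
        x = ((n + i) % (1 << (8 * BLOCK))).to_bytes(BLOCK, "big")
        _note(trace, x)              # E sees only nonce + counter
        out.append(xor(mb, E(key, x)))
    return b"".join(out)


ctr_decrypt = ctr_encrypt            # CTR decryption is the same operation


def inputs_depend_on_message(encrypt, key, iv, m1, m2):
    """True if the values fed to E differ between two equal-length messages."""
    t1, t2 = [], []
    encrypt(key, iv, m1, t1)
    encrypt(key, iv, m2, t2)
    return t1 != t2
```

Running `inputs_depend_on_message` with the same key and IV on two different three-block messages returns True for `cbc_encrypt` and `cfb_encrypt` and False for `ofb_encrypt` and `ctr_encrypt`: the latter two derive their keystream without ever passing message-dependent data through E, which is what lets a standard-secure PRF suffice for them in the table.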
Standard Security [4] (2)

(2) Mark Zhandry, FOCS 2012.
Quantum Security [4] (3)

(3) Mark Zhandry, FOCS 2012.
IND-CPA Model
IND-qCPA Model [1] (4)

(4) Dan Boneh and Mark Zhandry, CRYPTO 2013.
Quantum security of CBC mode using qPRF
Quantum security of CBC mode using qPRF

- We need to show that the output of CBC mode using a qPRF is indistinguishable from a truly random string.
- Define Enc^{i,H}_CBC(M).
Quantum security of CBC mode using qPRF

- Use the O2H lemma to show that the distinguishing probability of any quantum adversary is negligible.
One-way to hiding (O2H) [3] (5)

(5) Dominique Unruh, eprint 2013.
Construction of Block cipher for CBC

- BC is a standard secure PRF for any quantum adversary given classical access to it and quantum access to H.
- BC has a collision such that ∀x ∃x′ : x ⊕ (k‖1) = x′.
Proof Idea: Standard security of BC
Proof Idea: Standard security of BC

- Idea: replace E in BC by a random function.
- If we replace the key H(k) of E by a random key k′, we can use the O2H lemma.
- We define the adversary A_O2H and the block cipher BC′_k with E using a random key.
Proof Idea: Standard security of BC

- We have the games as in the O2H lemma.
Proof Idea: Standard security of BC

- Game G0 is replaced by G2.
Proof Idea: Standard security of BC

- We now replace E by a random function Ẽ.
Proof Idea: Standard security of BC

- The only difference between the two games is when the same query is queried again.
- By the fundamental lemma of games we get that this probability is negligible.
Quantum attack on CBC mode using standard secure PRF

- BC has a similar structure to the function f, and hence this weakness can be exploited to get the key k.
Bibliography

[1] Dan Boneh and Mark Zhandry. Secure signatures and chosen ciphertext security in a quantum computing world. https://eprint.iacr.org/2013/088, 2013. The definition of IND-qCPA only appears in this eprint, not in the conference version.

[2] European Union Agency for Network and Information Security (ENISA). Algorithms, key sizes and parameters report - 2013 recommendations. https://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/algorithms-key-sizes-and-parameters-report, October 2013.

[3] Dominique Unruh. Revocable quantum timed-release encryption. IACR Cryptology ePrint Archive, 2013:606, 2013.

[4] Mark Zhandry. How to construct quantum random functions. In 53rd Annual IEEE Symposium on Foundations of Computer Science, FOCS 2012, New Brunswick, NJ, USA, October 20-23, 2012, pages 679–687. IEEE Computer Society, 2012.

Thank You