Article

The security of triple encryption and a framework for code-based game-playing proofs

Authors:

Phillip RogawayAuthors Info & Claims

EUROCRYPT'06: Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques

Pages 409 - 426

https://doi.org/10.1007/11761679_25

Published: 28 May 2006 Publication History

Abstract

We show that, in the ideal-cipher model, triple encryption (the cascade of three independently-keyed blockciphers) is more secure than single or double encryption, thereby resolving a long-standing open problem. Our result demonstrates that for DES parameters (56-bit keys and 64-bit plaintexts) an adversary's maximal advantage against triple encryption is small until it asks about 2⁷⁸ queries. Our proof uses code-based game-playing in an integral way, and is facilitated by a framework for such proofs that we provide.

References

[1]

W. Aiello, M. Bellare, G. Di Crescenzo, and R. Venkatesan. Security amplification by composition: the case of doubly-iterated, ideal ciphers. Advances in Cryptology -- CRYPTO '98, Lecture Notes in Computer Science, vol 1462, Springer, pp. 390-407, 1998.

Digital Library

[2]

M. Bellare and S. Goldwasser. New paradigms for digital signatures and message authentication based on non-interactive zero knowledge proofs. Advances in Cryptology -- CRYPTO '89, Lecture Notes in Computer Science, vol. 435, Springer, pp. 194-211, 1990.

Digital Library

[3]

M. Bellare and P. Rogaway. Code-based game-playing proofs and the security of triple encryption. Cryptology ePrint archive report 2004/331, 2006.

[4]

W. Diffie and M. Hellman. Exhaustive cryptanalysis of the data encryption standard. Computer, vol. 10, pp. 74-84, 1977.

Digital Library

[5]

S. Even and O. Goldreich. On the power of cascade ciphers. ACM Transactions on Computer Systems, vol. 3, no. 2, pp. 108-116, 1985.

Digital Library

[6]

S. Even and Y. Mansour. A construction of a cipher from a single pseudorandom permutation. Advances in Cryptology -- ASIACRYPT '91, Lecture Notes in Computer Science, vol.739, Springer, pp. 210-224, 1993.

Digital Library

[7]

S. Goldwasser and S. Micali. Probabilistic encryption. J. Comput. Syst. Sci., vol. 28, no. 2, pp. 270-299, 1984. Earlier version in STOC '82.

[8]

S. Halevi. A plausible approach to computer-aided cryptographic proofs. Cryptology ePrint archive report 2005/181, 2005.

[9]

J. Kilian and P. Rogaway. How to protect DES against exhaustive key search (an analysis of DESX). J. of Cryptology, vol. 14, no. 1, pp. 17-35, 2001. Earlier version in Crypto '96.

Digital Library

[10]

S. Lucks. Attacking triple encryption. Fast Software Encryption (FSE '98), Lecture Notes in Computer Science, vol. 1372, Springer, pp. 239-253, 1998.

Digital Library

[11]

U. Maurer and J. Massey. Cascade ciphers: the importance of being first. J. of Cryptology, vol. 6, no. 1, pp. 55-61, 1993.

Digital Library

[12]

R. Merkle and M. Hellman. On the security of multiple encryption. Communications of the ACM, vol. 24, pp. 465-467, 1981.

Digital Library

[13]

National Institute of Standards and Technology. FIPS PUB 46-3, Data Encryption Standard (DES), 1999. Also ANSI X9.52, Triple Data Encryption Algorithm modes of operation, 1998, and other standards.

[14]

C. Shannon. Communication theory of secrecy systems. Bell Systems Technical Journal, vol. 28, no. 4, pp. 656-715, 1949.

[15]

V. Shoup. Sequences of games: a tool for taming complexity in security proofs. Cryptology ePrint archive report 2004/332, 2006.

[16]

A. Yao. Theory and applications of trapdoor functions. IEEE Symposium on the Foundations of Computer Science (FOCS 1982), IEEE Press, pp. 80-91, 1982.

Cited By

Gregersen SAguirre AHaselwarter PTassarotti JBirkedal L(2024)Asynchronous Probabilistic Couplings in Higher-Order Separation LogicProceedings of the ACM on Programming Languages10.1145/36328688:POPL(753-784)Online publication date: 5-Jan-2024
https://dl.acm.org/doi/10.1145/3632868
Ma JLiu HZhang MLiu Z(2024)VPFLKnowledge-Based Systems10.1016/j.knosys.2024.112115299:COnline publication date: 5-Sep-2024
https://dl.acm.org/doi/10.1016/j.knosys.2024.112115
Berti FHazay CLevi I(2024)-: Leakage-Resilient Oblivious TransferSecurity and Cryptography for Networks10.1007/978-3-031-71070-4_9(182-204)Online publication date: 11-Sep-2024
https://dl.acm.org/doi/10.1007/978-3-031-71070-4_9
Show More Cited By

Recommendations

A Framework for Identity-Based Encryption with Almost Tight Security
Proceedings, Part I, of the 21st International Conference on Advances in Cryptology -- ASIACRYPT 2015 - Volume 9452

We show a framework for constructing identity-based encryption IBE schemes that are almost tightly secure in the multi-challenge and multi-instance setting. In particular, we formalize a new notion called broadcast encoding, analogously to encoding ...
Improved security proofs of Delerablée's identity-based broadcast encryption scheme
ICHIT'11: Proceedings of the 5th international conference on Convergence and hybrid information technology

Delerablée proposed the first identity-based broadcast encryption scheme with constant size ciphertexts and private keys in [7]. But, the scheme was proved to be secure in the selective identity security model. We prove the scheme is secure in the full ...
Leakage-resilience of stateless/stateful public-key encryption from hash proofs
ACISP'12: Proceedings of the 17th Australasian conference on Information Security and Privacy

We consider the problem of constructing public-key encryption (PKE) schemes that are resilient to a-posteriori chosen-ciphertext and key-leakage attacks. Recently, Naor and Segev (CTYPTO'09) have proven that the Naor-Yung generic construction of PKE ...

Comments

Information & Contributors

Information

Published In

cover image Guide Proceedings

EUROCRYPT'06: Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques

May 2006

611 pages

ISBN:3540345469

Editor:
Serge Vaudenay
EPFL, Lausanne, Switzerland

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 28 May 2006

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

264
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 09 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Gregersen SAguirre AHaselwarter PTassarotti JBirkedal L(2024)Asynchronous Probabilistic Couplings in Higher-Order Separation LogicProceedings of the ACM on Programming Languages10.1145/36328688:POPL(753-784)Online publication date: 5-Jan-2024
https://dl.acm.org/doi/10.1145/3632868
Ma JLiu HZhang MLiu Z(2024)VPFLKnowledge-Based Systems10.1016/j.knosys.2024.112115299:COnline publication date: 5-Sep-2024
https://dl.acm.org/doi/10.1016/j.knosys.2024.112115
Berti FHazay CLevi I(2024)-: Leakage-Resilient Oblivious TransferSecurity and Cryptography for Networks10.1007/978-3-031-71070-4_9(182-204)Online publication date: 11-Sep-2024
https://dl.acm.org/doi/10.1007/978-3-031-71070-4_9
Jaeger JMohan D(2024)Generic and Algebraic Computation Models: When AGM Proofs Transfer to the GGMAdvances in Cryptology – CRYPTO 202410.1007/978-3-031-68388-6_2(14-45)Online publication date: 18-Aug-2024
https://dl.acm.org/doi/10.1007/978-3-031-68388-6_2
Beyne TChen Y(2024)Information-Theoretic Security with AsymmetriesAdvances in Cryptology – CRYPTO 202410.1007/978-3-031-68385-5_15(463-494)Online publication date: 18-Aug-2024
https://dl.acm.org/doi/10.1007/978-3-031-68385-5_15
Bellare MHoang V(2024)Succinctly-Committing Authenticated EncryptionAdvances in Cryptology – CRYPTO 202410.1007/978-3-031-68385-5_10(305-339)Online publication date: 18-Aug-2024
https://dl.acm.org/doi/10.1007/978-3-031-68385-5_10
Backendal MDavis HGünther FHaller MPaterson K(2024)A Formal Treatment of End-to-End Encrypted Cloud StorageAdvances in Cryptology – CRYPTO 202410.1007/978-3-031-68379-4_2(40-74)Online publication date: 18-Aug-2024
https://dl.acm.org/doi/10.1007/978-3-031-68379-4_2
Chairattana-Apirom RTessaro SZhu C(2024)Pairing-Free Blind Signatures from CDH AssumptionsAdvances in Cryptology – CRYPTO 202410.1007/978-3-031-68376-3_6(174-209)Online publication date: 18-Aug-2024
https://dl.acm.org/doi/10.1007/978-3-031-68376-3_6
Ferreira LPascal J(2024)Post-quantum Secure ZRTPPost-Quantum Cryptography10.1007/978-3-031-62743-9_1(3-36)Online publication date: 12-Jun-2024
https://dl.acm.org/doi/10.1007/978-3-031-62743-9_1
Ferreira L(2024)Computational Security Analysis of the Full EDHOC ProtocolTopics in Cryptology – CT-RSA 202410.1007/978-3-031-58868-6_2(25-48)Online publication date: 6-May-2024
https://dl.acm.org/doi/10.1007/978-3-031-58868-6_2
Show More Cited By

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents