Abstract
We introduce CWC, a new block cipher mode of operation for protecting both the privacy and the authenticity of encapsulated data. CWC is the first such mode having all five of the following properties: provable security, parallelizability, high performance in hardware, high performance in software, and no intellectual property concerns. We believe that having all five of these properties makes CWC a powerful tool for use in many performance-critical cryptographic applications. CWC is also the first appropriate solution for some applications; e.g., standardization bodies like the IETF and NIST prefer patent-free modes, and CWC is the first such mode capable of processing data at 10Gbps in hardware, which will be important for future IPsec (and other) network devices. As part of our design, we also introduce a new parallelizable universal hash function optimized for performance in both hardware and software.
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kohno, T., Viega, J., Whiting, D. (2004). CWC: A High-Performance Conventional Authenticated Encryption Mode. In: Roy, B., Meier, W. (eds) Fast Software Encryption. FSE 2004. Lecture Notes in Computer Science, vol 3017. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-25937-4_26
DOI: https://doi.org/10.1007/978-3-540-25937-4_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22171-5
Online ISBN: 978-3-540-25937-4
eBook Packages: Springer Book Archive