The LOCAL attack: Cryptanalysis of the authenticated encryption scheme ALE

Dmitry Khovratovich, Christian Rechberger

Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

Abstract

We show how to produce a forged (ciphertext, tag) pair for the scheme ALE with data and time complexity of 2102 ALE encryptions of short messages and the same number of authentication attempts. We use a differential attack based on a local collision, which exploits the availability of extracted state bytes to the adversary. Our approach allows for a time-data complexity tradeoff, with an extreme case of a forgery produced after 2119 attempts and based on a single authenticated message. Our attack is further turned into a state recovery and a universal forgery attack with a time complexity of 2120 verification attempts using only a single authenticated 48-byte message.
Original languageEnglish
Title of host publicationSelected Areas in Cryptography - SAC 2013. Revised Selected Papers
PublisherSpringer
Publication date2014
Pages174-184
ISBN (Print)978-3-662-43413-0
ISBN (Electronic)978-3-662-43414-7
DOIs
Publication statusPublished - 2014
Event20th International Workshop on Selected Areas of Cryptography - Burnaby, Canada
Duration: 14 Aug 201316 Aug 2013
Conference number: 20

Conference

Conference20th International Workshop on Selected Areas of Cryptography
Number20
CountryCanada
CityBurnaby
Period14/08/201316/08/2013
SeriesLecture Notes in Computer Science
Volume8282
ISSN0302-9743

Keywords

  • Data Encryption
  • Systems and Data Security
  • Algorithm Analysis and Problem Complexity
  • Coding and Information Theory

Fingerprint Dive into the research topics of 'The LOCAL attack: Cryptanalysis of the authenticated encryption scheme ALE'. Together they form a unique fingerprint.

Cite this