Back to Search Start Over

Efficiency Improvements for Encrypt-to-Self

Authors :
Bertram Poettering
Jeroen Pijnenburg
Source :
Proceedings of the 2nd Workshop on Cyber-Security Arms Race, CYSARM@CCS
Publication Year :
2020
Publisher :
arXiv, 2020.

Abstract

Recent work by Pijnenburg and Poettering (ESORICS'20) explores the novel cryptographic Encrypt-to-Self primitive that is dedicated to use cases of symmetric encryption where encryptor and decryptor coincide. The primitive is envisioned to be useful whenever a memory-bounded computing device is required to encrypt some data with the aim of temporarily depositing it on an untrusted storage device. While the new primitive protects the confidentiality of payloads as much as classic authenticated encryption primitives would do, it provides considerably better authenticity guarantees: Specifically, while classic solutions would completely fail in a context involving user corruptions, if an encrypt-to-self scheme is used to protect the data, all ciphertexts and messages fully remain unforgeable. To instantiate their encrypt-to-self primitive, Pijnenburg et al propose a mode of operation of the compression function of a hash function, with a carefully designed encoding function playing the central role in the serialization of the processed message and associated data. In the present work we revisit the design of this encoding function. Without questioning its adequacy for securely accomplishing the encrypt-to-self job, we improve on it from a technical/implementational perspective by proposing modifications that alleviate certain conditions that would inevitably require implementations to disrespect memory alignment restrictions imposed by the word-wise operation of modern CPUs, ultimately leading to performance penalties. Our main contributions are thus to propose an improved encoding function, to explain why it offers better performance, and to prove that it provides as much security as its predecessor. We finally report on our open-source implementation of the encrypt-to-self primitive based on the new encoding function.<br />Comment: this is the full version of content that appears at CYSARM'20

Details

ISBN :
978-1-4503-8091-1
ISBNs :
9781450380911
Database :
OpenAIRE
Journal :
Proceedings of the 2nd Workshop on Cyber-Security Arms Race, CYSARM@CCS
Accession number :
edsair.doi.dedup.....4fca4ae2bb50f8f8b42f13bf079815fc
Full Text :
https://doi.org/10.48550/arxiv.2009.02667