Paper 2024/598
AE Robustness as Indistinguishable Decryption Leakage under Multiple Failure Conditions
Abstract
Robustness has emerged as an important criterion for authenticated encryption, alongside the requirements of confidentiality and integrity. We introduce a novel notion, denoted as IND-CCLA, to formalize the robustness of authenticated encryption from the perspective of decryption leakage. This notion is an augmentation of common notions defined for AEAD schemes by considering indistinguishability of potential leakage due to decryption failure including candidate plaintext and error messages, particularly in the presence of multiple failure conditions. With this notion, we study the disparity between a single-error decryption function and the actual leakage incurred during decryption. We introduce the concept of error unicity to require that only one error is disclosed, whether explicitly via decryption or implicitly via leakage, even there are multiple failure conditions. This aims to mitigate the security issue caused by disclosing multiple errors via leakage. We further extend this notion to IND-sf-CCLA to formalize the stateful security involving out-of-order ciphertext. We provide a concrete proof on the robustness of Encode-then-Encipher paradigm through our notions to show its ability to admit multiple failure conditions. Additionally, we briefly show a transformation from our notion to a simulatable one, which can aid future study on composable security concerning decryption leakage.
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- Preprint.
- Keywords
- AE RobustnessDecryption LeakageIND-CCLAError UnicitySecurity Proof
- Contact author(s)
- ganyuan cao @ epfl ch
- History
- 2024-05-13: last of 4 revisions
- 2024-04-17: received
- See all versions
- Short URL
- https://ia.cr/2024/598
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2024/598, author = {Ganyuan Cao}, title = {AE Robustness as Indistinguishable Decryption Leakage under Multiple Failure Conditions}, howpublished = {Cryptology ePrint Archive, Paper 2024/598}, year = {2024}, note = {\url{https://eprint.iacr.org/2024/598}}, url = {https://eprint.iacr.org/2024/598} }