Show simple item record

dc.contributor.author
Albrecht, Martin R.
dc.contributor.author
Brandt Hansen, Torben
dc.contributor.author
Paterson, Kenneth G.
dc.date.accessioned
2019-04-09T14:43:55Z
dc.date.available
2019-04-09T13:54:52Z
dc.date.available
2019-04-09T14:43:55Z
dc.date.issued
2019-03-19
dc.identifier.other
10.13154/tosc.v2019.i1.46-83
en_US
dc.identifier.uri
http://hdl.handle.net/20.500.11850/337046
dc.identifier.doi
10.3929/ethz-b-000337046
dc.description.abstract
Boldyreva et al. (Eurocrypt 2012) defined a fine-grained security model capturing ciphertext fragmentation attacks against symmetric encryption schemes. The model was extended by Albrecht et al. (CCS 2016) to include an integrity notion. The extended security model encompasses important security goals of SSH that go beyond confidentiality and integrity to include length hiding and denial-of-service resistance properties. Boldyreva et al. also defined and analysed the InterMAC scheme, while Albrecht et al. showed that InterMAC satisfies stronger security notions than all currently available SSH encryption schemes. In this work, we take the InterMAC scheme and make it fully ready for use in practice. This involves several steps. First, we modify the InterMAC scheme to support encryption of arbitrary length plaintexts and we replace the use of Encrypt-then-MAC in InterMAC with modern noncebased authenticated encryption. Second, we describe a reference implementation of the modified InterMAC scheme in the form of the library libInterMAC. We give a performance analysis of libInterMAC. Third, to test the practical performance of libInterMAC, we implement several InterMAC-based encryption schemes in OpenSSH and carry out a performance analysis for the use-case of file transfer using SCP. We measure the data throughput and the data overhead of using InterMAC-based schemes compared to existing schemes in OpenSSH. Our analysis shows that, for some network set-ups, using InterMAC-based schemes in OpenSSH only moderately affects performance whilst providing stronger security guarantees compared to existing schemes.
en_US
dc.format
application/pdf
en_US
dc.language.iso
en
en_US
dc.publisher
Ruhr-Universität Bochum
en_US
dc.rights.uri
http://creativecommons.org/licenses/by/4.0/
dc.subject
fragmentation attack
en_US
dc.subject
SSH
en_US
dc.subject
Authenticated Encryption
en_US
dc.subject
crypto library
en_US
dc.subject
implementation
en_US
dc.subject
performance analysis
en_US
dc.title
libInterMAC: Beyond Confidentiality and Integrity in Practice
en_US
dc.type
Journal Article
dc.rights.license
Creative Commons Attribution 4.0 International
dc.date.published
2019-03-08
ethz.journal.title
IACR Transactions on Symmetric Cryptology
ethz.journal.volume
2019
en_US
ethz.journal.issue
1
en_US
ethz.pages.start
46
en_US
ethz.pages.end
83
en_US
ethz.version.deposit
publishedVersion
en_US
ethz.publication.place
Bochum
en_US
ethz.publication.status
published
en_US
ethz.leitzahl
ETH Zürich::00002 - ETH Zürich::00012 - Lehre und Forschung::00007 - Departemente::02150 - Dep. Informatik / Dep. of Computer Science::02660 - Institut für Informationssicherheit / Institute of Information Security::09653 - Paterson, Kenneth / Paterson, Kenneth
en_US
ethz.leitzahl.certified
ETH Zürich::00002 - ETH Zürich::00012 - Lehre und Forschung::00007 - Departemente::02150 - Dep. Informatik / Dep. of Computer Science::02660 - Institut für Informationssicherheit / Institute of Information Security::09653 - Paterson, Kenneth / Paterson, Kenneth
en_US
ethz.date.deposited
2019-04-09T13:55:12Z
ethz.source
FORM
ethz.eth
no
en_US
ethz.availability
Open access
en_US
ethz.rosetta.installDate
2019-04-09T14:44:18Z
ethz.rosetta.lastUpdated
2022-03-28T22:45:18Z
ethz.rosetta.versionExported
true
ethz.COinS
ctx_ver=Z39.88-2004&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.atitle=libInterMAC:%20Beyond%20Confidentiality%20and%20Integrity%20in%20Practice&rft.jtitle=IACR%20Transactions%20on%20Symmetric%20Cryptology&rft.date=2019-03-19&rft.volume=2019&rft.issue=1&rft.spage=46&rft.epage=83&rft.au=Albrecht,%20Martin%20R.&Brandt%20Hansen,%20Torben&Paterson,%20Kenneth%20G.&rft.genre=article&rft_id=info:doi/10.13154/tosc.v2019.i1.46-83&
 Search print copy at ETH Library

Files in this item

Thumbnail

Publication type

Show simple item record