[Resource Topic] 2015/214: GCM Security Bounds Reconsidered

Welcome to the resource topic for 2015/214

Title:
GCM Security Bounds Reconsidered

Authors: Yuichi Niwa, Keisuke Ohashi, Kazuhiko Minematsu, Tetsu Iwata

Abstract:

A constant of 2^{22} appears in the security bounds of the Galois/Counter Mode of Operation, GCM. In this paper, we first develop an algorithm to generate nonces that have a high counter-collision probability. We show concrete examples of nonces with the counter-collision probability of about 2^{20.75}/2^{128}. This shows that the constant in the security bounds, 2^{22}, cannot be made smaller than 2^{19.74} if the proof relies on ``the sum bound.‘’ We next show that it is possible to avoid using the sum bound, leading to improved security bounds of GCM. One of our improvements shows that the constant of 2^{22} can be reduced to 32.

ePrint: https://eprint.iacr.org/2015/214

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .