Given a PRP defined over {0, 1} n , we describe a new generic and efficient method to obtain modes of operation with a security level beyond the birthday bound 2 n/2. These new modes, named NEMO (for New Encryption Modes of Operation), are based on a new contribution to the problem of transforming a PRP into a PRF. According to our approach, any generator matrix of a linear code of minimal distance d, d ≥ 1, can be used to design a PRF with a security of order 2 dn/(d+1). Such PRFs can be used to obtain NEMO, the security level of which is of the same order (2 dn/(d+1)). In particular, the well-known counter mode becomes a particular case when considering the identity linear code (of minimal distance d = 1) and the mode of operation CENC [7] corresponds to the case of the the parity check linear code of minimal distance d = 2. Any other generator matrix leads to a new PRF and a new mode of operation. We give an illustrative example using d = 4 which reaches the security level 2 4n/5 with a computation overhead less than 4% in comparison to the counter mode.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.