GCM security bounds reconsidered


Abstract

A constant of 2^22 appears in the security bounds of the Galois/Counter Mode of Operation, GCM. In this paper, we first develop an algorithm to generate nonces that have a high counter-collision probability. We show concrete examples of nonces with the counter-collision probability of about 2^20.75 / 2^128. This shows that the constant in the security bounds, 2^22, cannot be made smaller than 2^19.74 if the proof relies on "the sum bound." We next show that it is possible to avoid using the sum bound, leading to improved security bounds of GCM. One of our improvements shows that the constant of 2^22 can be reduced to 32.

Citation (APA):
Niwa, Y., Ohashi, K., Minematsu, K., & Iwata, T. (2015). GCM security bounds reconsidered. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9054, pp. 385–407). Springer Verlag. https://doi.org/10.1007/978-3-662-48116-5_19
