Variable message encryption through blockcipher compression function

摘要

A constrained device is an emerging technology that has enormous applications in our daily life such as access control, inventory control, luggage tracking, bar-code reader, and IoT. However, it has certain draw-backs of low memory and less computing power. Thus, one of the cracking challenges is to provide efficient and secure cryptographic solution for the constrained device in the aspect of security issue. An (n,n) blockcipher-based cryptographic compression function is applicable to provide provable security to the con-strained device. Though, there are many constructions of (n, n) blockcipher such as MDC-2, MDC-4, MJH, Bart-12, and SKS-15. However, most of the familiar schemes are not suitable for short and variable message encryption without padding because of their internal structures. Furthermore, the security margin is provided based on blocklength rather than the flexible size of message. In this paper, we present two different (n, n) blockcipher compression function schemes. The first scheme (FS) satisfies better efficiency such as less call of blockcipher, less key scheduling, and higher efficiency rate. On the contrary, the second scheme (SS) has upper security bound. Moreover, both of the schemes are suitable for small and variable message encryption (message size = tnt<,n : blocklength), which is handy for the constrained device. The collision and preimage security bound of the FS are O (2~(tn/2)) and O (2~(tn)). In addition, the SS's collision resistance and preimage resistance are bounded by O (2~(tn)) and O (2~(2tn)). Moreover, the efficiency rate of the proposed two schemes are respectively t and t/3. The numbers of key scheduling are 2 for the constructions of FS and SS. We use two calls of blockcipher in the FS. On the contrary, three calls of blockcipher are used in the SS. Copyright ? 2016 John Wiley & Sons, Ltd.