The NCSC Advances New Cryptography Modes: Meet GLEVIAN and VIGORNIAN

--

If you are into cybersecurity, you should know all about the birthday attack, as it is a typical model used to estimate how quickly a hash value can be cracked. The theory goes that in a room of 23 people, there will be a 50% chance of at least two people having the same birthday [here]. And, so, if we use a block cipher mode for AES, we can define a birthday bound for collisions over the block size space.

In fact, it has been shown that it is fairly simple to create a hash collision in MD5 — and where we can generate the same hash for two different inputs, and also possible within a reasonable time for a SHA-1 collision (but virtually impossible for SHA-256 and SHA-3). With 128-bit AES, this is the same as the key space.

These days, block ciphers are not used much, and where we typically use stream ciphers that support AEAD (Authenticated Encryption with Additional Data). The most widely used mode is GCM (Galois Cipher Mode). But, the search is on to find new modes which are even more robust. And, so, in a new paper, a researcher at the NCSC (Peter Campbell) outlines the GLEVIAN and VIGORNIAN modes for AES, and which improve on GCM [here]:

The author is from the National Cyber Security Centre (NCSC) and which has a core role in the assessment of cryptographic methods — especially related to long-term security. He presents two new modes GLEVIAN and VIGORNIAN) and which offer nonce-misuse resistance, unverified plaintext (RUP) security, and beyond-birthday security.

NIST’s third workshop on the security of block cipher modes

A strong advance is that it has drop-in compatibility with GCM and fits in with NIST’s third workshop on the security of block cipher modes, and where the authors of the paper are highlighting “beyond-birthday security” as a possible key focus:

Figure 1 outlines the GLEVIAN AEAD mode.

Figure 1: GLEVIAN AEAD mode

Conclusions

Cybersecurity involves continual advancement. If we were still using the cryptography we had in the 1990s, virtually all of the encryption methods would be crackable (such as with the Diffie-Hellman key exchange method, the RC4 symmetric key cipher, and 512-bit RSA). But, we have migrated our methods over the years and have kept up with current cracking methods. GLEVIAN and VIGORNIAN are a step forward in further improving security.

--

--

Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.