SCIENTIA SINICA Informationis, Volume 46 , Issue 6 : 729-742(2016) https://doi.org/10.1360/N112015-00163

Analysis of the OFBNLF encryption mode of operation

Zhelei SUN 1,2,3, Peng WANG 1,3,*
More info
  • ReceivedOct 15, 2015
  • AcceptedNov 18, 2015
  • PublishedMay 27, 2016


OFBNLF is one of the national standardized block cipher modes of operation. In this mode, indistinguishability under chosen plaintext attack is an important security index. To the best of our knowledge, to date no analysis of the security and software implementation efficiency of OFBNLF mode has been conducted. In this paper, we analyze the security of OFBNLF and show that OFBNLF is blockwise-IND-CPA (indistinguishability under blockwise-based chosen plaintext attack) using game-playing techniques based on the description of online encryption on OFBNLF. The previous definition of BW-IND-CPA mode was not based on online mode; however, in this paper, we redefine BW-IND-CPA mode on the basis of online encryption. In addition, we compare OFBNLF mode with other encryption modes of the national standard in terms of security and software implementation efficiency.

Funded by







[1] Menezes A J, van Oorschot P C, Vanstone S A. Handbook of Applied Cryptography. Boca Raton: {CRC} Press, 1996. Google Scholar

[2] 中国标准出版社. 信息安全技术 分组密码算法的工作模式. GB/T 17964-2008. http://webstore.spc.net.cn/produce/ showonebook.asp?strid=36837. 2008. Google Scholar

[3] Bellare M, Desai A, Jokipii E, et al. A concrete security treatment of symmetric encryption. In: Proceedings of the 38th Annual Symposium on Foundations of Computer Science, Miami Beach, 1997. 394-403. Google Scholar

[4] Sung J, Lee S, Lim J I, et al. Concrete security analysis of CTR-OFB and CTR-CFB modes of operation. In: Information Security and Cryptology -- ICISC 2001. Berlin: Springer, 2001. 103-113. Google Scholar

[5] Jansen C J, Boekee D E. Modes of blockcipher algorithms and their protection against active eavesdropping. In: Advances in Cryptology -- EUROCRYPT'87. Berlin: Springer, 1987. 281-286. Google Scholar

[6] Jansen C J. Investigations on nonlinear streamcipher systems: construction and evaluation methods. Dissertation for Ph.D. Degree. Delft: Delft University of Technology, 1989. Google Scholar

[7] Barlow L C. Symmetric encryption with multiple keys: techniques and applications. Dissertation for Master Degree. Corvallis: Oregon State University, 2005. Google Scholar

[8] Preneel B. Analysis and design of cryptographic hash functions. Dissertation for Ph.D. Degree. Leuven: Katholieke Universiteit te Leuven, 1993. Google Scholar

[9] Joux A, Martinet G, Valette F. Blockwise-adaptive attackers revisiting the (in) security of some provably secure encryption modes: CBC, GEM, IACBC. In: Advances in Cryptology -- CRYPTO 2002. Berlin: Springer, 2002. 17-30. Google Scholar

[10] Bellare M, Rogaway P. The security of triple encryption and a framework for code-based game-playing proofs. In: Advances in Cryptology -- EUROCRYPT 2006. Berlin: Springer, 2006. 409-426. Google Scholar

[11] Fouque P A, Martinet G, Poupard G. Practical symmetric on-line encryption. In: Fast Software Encryption. Berlin: Springer, 2003. 362-375. Google Scholar

[12] Goldwasser S, Micali S. J Comput Syst Sci, 1984, 28: 270-299 CrossRef Google Scholar

[13] Namprempre C, Rogaway P, Shrimpton T. Reconsidering generic composition. In: Advances in Cryptology -- EUROCRYPT 2014. Berlin: Springer, 2014. 257-274. Google Scholar

[14] Rogaway P. Nonce-based symmetric encryption. In: Fast Software Encryption. Berlin: Springer, 2004. 348-358. Google Scholar

[15] Goldwasser S, Bellare M. Lecture notes on cryptography. http://cseweb.ucsd.edu/ mihir/papers/gb.pdf. 2008. Google Scholar

[16] Bellare M, Kilian J, Rogaway P. J Comput Syst Sci, 2000, 61: 362-399 CrossRef Google Scholar

[17] Luby M, Rackoff C. SIAM J Comput, 1988, 17: 373-386 CrossRef Google Scholar

[18] Bellare M, Goldreich O, Mityagin A. The power of verification queries in message authentication and authenticated encryption. Cryptology ePrint Archive, 2004, 2004: 309. Google Scholar

[19] Hoang V T, Reyhanitabar R, Rogaway P, et al. Online authenticated-encryption and its nonce-reuse misuse-resistance. IACR Cryptology ePrint Archive, 2015, 2015: 189. Google Scholar

[20] Andreeva E, Bogdanov A, Luykx A, et al. How to securely release unverified plaintext in authenticated encryption. In: Advances in Cryptology -- ASIACRYPT 2014. Berlin: Springer, 2014. 105-125. Google Scholar

[21] Agrawal M, Chang D, Sanadhya S. Sp-AELM: sponge based authenticated encryption scheme for memory constrained devices. In: Information Security and Privacy. Berlin: Springer, 2015. 451-468. Google Scholar

[22] Hoang V T, Krovetz T, Rogaway P. Robust authenticated-encryption AEZ and the problem that it solves. In: Advances in Cryptology -- EUROCRYPT 2015. Berlin: Springer, 2015. 15-44. Google Scholar

[23] Rogaway P, Zhang H. Online ciphers from tweakable blockciphers. In: Topics in Cryptology -- CT-RSA 2011. Berlin: Springer, 2011. 14-18. Google Scholar

[24] Rogaway P. Evaluation of some blockcipher modes of operation. http://web.cs.ucdavis.edu/ rogaway/papers/modes-cryptrec.pdf. 2011. Google Scholar

[25] 国家商用密码管理办公室. 无线局域网产品使用 的SMS4密码算法. http://www.oscca.gov.cn/News/200705/ News\_1106.html. Google Scholar

Copyright 2020 Science China Press Co., Ltd. 《中国科学》杂志社有限责任公司 版权所有

京ICP备17057255号       京公网安备11010102003388号