OCB mode

From Wikipedia, the free encyclopedia

OCB mode (Offset Codebook Mode) is a mode of operation for cryptographic block ciphers.

Contents

It was designed to provide both authentication and privacy. It is essentially a scheme for integrating a Message Authentication Code (MAC) into the operation of a block cipher. In this way, OCB mode avoids the need to use two systems; a MAC for authentication and a block cipher encryption for privacy. This simplifies the secure communication process for end users.

OCB mode was designed by Phillip Rogaway, who credits Mihir Bellare, John Black, and Ted Krovetz with assistance and comment on the designs. It is based on the authenticated encryption mode IAPM due to Charanjit S. Jutla (see the OCB FAQ for more details).

There are two versions of OCB: 1.0 and 2.0. OCB 2.0 improves on 1.0 by allowing associated data to be included with the message — that is, data that are not encrypted but should be authenticated — and a new method for generating a sequence of offsets. OCB 2.0 was first published in 2003, originally named AEM (Authenticated-Encryption Mode, or Advanced Encryption Mode).

OCB mode is listed as an optional method in the IEEE 802.11 wireless security standard as an alternative to CCM.

A patent application is in place for OCB mode. However, a special exemption has been granted so that OCB mode can be used in software licensed under the GNU General Public License without cost, as well as in software not developed and not sold inside the United States [1].

OCB performance overhead is minimal comparing to classical, non-authenticating modes like CBC. OCB requires one block cipher encryption per each block of encrypted and authenticated message and one encryption per each block of additional associated data. There are two also extra encryptions added once at the end of process.

For comparison, CCM mode offering similar functionality requires twice as more encryptions per each message block (associated data requires one as in OCB).

  • Charanjit S. Jutla, "Encryption Modes with Almost Free Message Integrity", Proc. Eurocrypt 2001, LNCS 2045, May 2001.


Hash algorithms: Gost-Hash | HAS-160 | HAS-V | HAVAL | MDC-2 | MD2 | MD4 | MD5 | N-Hash | RadioGatún | RIPEMD | SHA family | Snefru | Tiger | VEST | WHIRLPOOL | crypt(3) DES
MAC algorithms: DAA | CBC-MAC | HMAC | OMAC/CMAC | PMAC | UMAC | Poly1305-AES | VEST
Authenticated encryption modes: CCM | EAX | GCM | OCB | VEST   Attacks: Birthday attack | Collision attack | Preimage attack | Rainbow table | Brute force attack
Standardization: CRYPTREC | NESSIE   Misc: Avalanche effect | Hash collision | Hash functions based on block ciphers
Block ciphers
v  d  e
Algorithms: 3-Way | AES | Akelarre | Anubis | ARIA | BaseKing | Blowfish | C2 | Camellia | CAST-128 | CAST-256 | CIKS-1 | CIPHERUNICORN-A | CIPHERUNICORN-E | CMEA | Cobra | COCONUT98 | Crab | CRYPTON | CS-Cipher | DEAL | DES | DES-X | DFC | E2 | FEAL | FROG | G-DES | GOST | Grand Cru | Hasty Pudding Cipher | Hierocrypt | ICE | IDEA | IDEA NXT | Iraqi | Intel Cascade Cipher | KASUMI | KHAZAD | Khufu and Khafre | KN-Cipher | Libelle | LOKI89/91 | LOKI97 | Lucifer | M6 | MacGuffin | Madryga | MAGENTA | MARS | Mercy | MESH | MISTY1 | MMB | MULTI2 | NewDES | NOEKEON | NUSH | Q | RC2 | RC5 | RC6 | REDOC | Red Pike | S-1 | SAFER | SC2000 | SEED | Serpent | SHACAL | SHARK | Skipjack | SMS4 | Square | TEA | Triple DES | Twofish | UES | Xenon | xmx | XTEA | Zodiac
Design: Feistel network | Key schedule | Product cipher | S-box | SPN

Attacks: Brute force | Linear / Differential / Integral cryptanalysis | Mod n | Related-key | Slide | XSL
Standardization: AES process | CRYPTREC | NESSIE

Misc: Avalanche effect | Block size | IV | Key size | Modes of operation | Piling-up lemma | Weak key
Cryptography
v  d  e
History of cryptography | Cryptanalysis | Cryptography portal | Topics in cryptography
Symmetric-key algorithm | Block cipher | Stream cipher | Public-key cryptography | Cryptographic hash function | Message authentication code | Random numbers
Retrieved from "http://en.wikipedia.org../../../o/c/b/OCB_mode_3a95.html"
Advanced Search
Included Web Search Engines


Safe Search

close

Top Matching Results

Occasionally Search.com will highlight specialized results that are based on the context of your query. Examples of specialized results include specific links to news, images, or video.

Top Matching Results may highlight information from other Search.com pages, content from the CNET Network of sites, or third party content. The listings are based purely on relevance. Search.com does not receive payment for listings in this section but our partners that provide this data may get paid for listing these products.

Sponsored Links

This section contains paid listings which have been purchased by companies that want to have their sites appear for specific search terms and related content. These listings are administered, sorted and maintained by a third party and are not endorsed by Search.com.

Search Results

Search.com sends your search query to several search engines at one time and integrates the results into one list which has been sorted by relevance using Search.com's proprietary algorithm. You can customize the list of search engines included in your metasearch from the preferences.

The search engines that are used in your metasearch may allow companies to pay to have their Web sites included within the results. To view the Paid Inclusion policy for a specific search engine, please visit their Web site. Search.com does not accept payment or share revenue with any search engine partner for listings in this section.