Authors:
Oussama Trabelsi
1
;
Lilia Sfaxi
2
and
Riadh Robbana
2
Affiliations:
1
Faculty of Science of Tunis, Tunis el Manar University, Tunis, Tunisia
;
2
Faculty of Science of Tunis, Tunis el Manar University, Tunis, Tunisia, INSAT, University of Carthage, Tunis, Tunisia
Keyword(s):
Cryptography, Modes of Operation, CBC, Parallel Encryption, Hash-based Encryption.
Abstract:
Since the rise of Big Data, working with large files became the rule and no longer the exception. Despite this fact, some data at-rest encryption modes of operation, namely CBC, are being used even though they do not take into account the heavy cost of running sequential encryption operations over a big volume of data. This led to some attempts that aim to parallelizing such operations either by only chaining isolated subsets of the plaintext, or by using hash functions to reflect any changes made to the plaintext before running parallel encryption operations. However, we noticed that such solutions present some security issues of different levels of severity. In this paper, we propose a Distributed version of CBC, which we refer to as DCBC, that uses an IV generation layer to ensure some level of chaining between multiple CBC encryption operations that run in parallel, while keeping CPA security intact and even adding new operations such as appending data without compromising the en
cryption mode’s security. We will, also, make a theoretical performance comparison between DCBC and CBC under different circumstances to study optimal conditions for running our proposed mode. We show in this comparison that our solution largely outperforms CBC, when it comes to large files.
(More)