CCM in the RUP setting reduced to CTR?

kaiya

1/13/24, 11:03 AM

I have a question regarding the paper:

Andreeva, E. et al, Securely Release Unverified Plaintext in Authenticated Encryption , 2014 (DOI: 10.1007/978-3-662-45611-8_6)

AE schemes such as GCM [28] and CCM [40] reduce to CTR mode in the RUP setting. This is because the adversary does not need to forge a ciphertext in order to obtain information about the corresponding (unverified) plaintext.

I cannot follow the explanation. Which ciphertext would be forced? The one used for CBC? (used in CCM as I understand it's a combination of CBC+CTR) Can someone provide a more detailed explanation of why CCM's security reduces to CTR's security?

0 + 0

aes

authenticated-encryption

ctr

ccm

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: CCM in the RUP setting reduced to CTR?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.