BITMIX: A hardware accelerated randomized symmetric encryption method

Abstract

We propose a probabilistic symmetric encryption method that heavily relies on true-random numbers, both to XOR the plaintext with a random block of at least equal length (just like OTP) and to disperse resulting data at bit-level into even more randomness. Our method has several highly needed security properties. It has resistance against both CPA2 and CCA2 attacks, and it has provable ideal statistical properties - assuming that the attacker cannot break in the same time two different 256 bit hash functions and a good randomness source is available. Relying on multiple encryption layers, we argue that our method remains safe even if the involved second layer block cipher (in our implementation example AES256) and/or at most one of the implied hash functions is mathematically broken. The proposed method generates considerable ciphertext expansion and the bit-level operations take significantly more time compared with Intel hardware accelerated AES. However, our implementation shows that the Intel BMI2 instruction set can offer an over 30x speedup for the underlying bit-level dispersion algorithm, thus making our approach performance-wise affordable.