Paper 2015/101

Multi-Key Security: The Even-Mansour Construction Revisited

Nicky Mouha and Atul Luykx

Abstract

At ASIACRYPT 1991, Even and Mansour introduced a block cipher construction based on a single permutation. Their construction has since been lauded for its simplicity, yet also criticized for not providing the same security as other block ciphers against generic attacks. In this paper, we prove that if a small number of plaintexts are encrypted under multiple independent keys, the Even-Mansour construction surprisingly offers similar security as an ideal block cipher with the same block and key size. Note that this multi-key setting is of high practical relevance, as real-world implementations often allow frequent rekeying. We hope that the results in this paper will further encourage the use of the Even-Mansour construction, especially when the secure and efficient implementation of a key schedule would result in a significant overhead.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published by the IACR in CRYPTO 2015
Keywords
Even-Mansourmulti-key settingbroadcast attackrelated-key setting
Contact author(s)
Nicky Mouha @ esat kuleuven be
History
2015-06-01: last of 2 revisions
2015-02-23: received
See all versions
Short URL
https://ia.cr/2015/101
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/101,
      author = {Nicky Mouha and Atul Luykx},
      title = {Multi-Key Security: The Even-Mansour Construction Revisited},
      howpublished = {Cryptology ePrint Archive, Paper 2015/101},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/101}},
      url = {https://eprint.iacr.org/2015/101}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.