In this paper we study the problem of extending tweak of a given TBC of fixed-length tweak, which is a variant of popular problem of converting a blockcipher into a TBC, i.e., blockcipher mode of operation. The problem is particularly important for known dedicated TBCs since they have relatively short tweak. We propose a simple and efficient solution, called XTX, for this problem. XTX converts a TBC of fixed-length tweak into another TBC of arbitrarily long tweak, by extending the scheme of Liskov, Rivest and Wagner that converts a blockcipher into a TBC. Given a TBC of $n$-bit block and $m$-bit tweak, XTX provides $(n+m)/2$-bit security while conventional methods provide $n/2$ or $m/2$-bit security. We also show that XTX is even useful when combined with some blockcipher modes for building TBC having security beyond the birthday bound.
Category / Keywords: secret-key cryptography / Tweakable blockcipher, Tweak extension, Mode of operation, LRW Original Publication (with major differences): IMA international conference on cryptography and coding (IMACC) 2015 Date: received 13 Sep 2015 Contact author: k-minematsu at ah jp nec com Available format(s): PDF | BibTeX Citation Note: A preliminary version of this paper appears in the proceedings of IMA international conference on cryptography and coding (IMACC) 2015. This is the full version. Version: 20150914:064328 (All versions of this report) Short URL: ia.cr/2015/888 Discussion forum: Show discussion | Start new discussion