Paper 2016/876

How to Build Fully Secure Tweakable Blockciphers from Classical Blockciphers

Lei Wang, Jian Guo, Guoyan Zhang, Jingyuan Zhao, and Dawu Gu

Abstract

This paper focuses on building a tweakable blockcipher from a classical blockcipher whose input and output wires all have a size of n bits. The main goal is to achieve full 2^n security. Such a tweakable blockcipher was proposed by Mennink at FSE'15, and to the best of our knowledge it is also the only tweakable blockcipher so far that has claimed full 2^n security. However, we find a key-recovery attack on Mennink's proposal (in the proceedings version) with a complexity of about 2^{n/2} adversarial queries. The attack demonstrates that Mennink's proposal has at most 2^{n/2} security, and therefore invalidates its security claim. In this paper, we study a construction of tweakable blockciphers, denoted E~[s], that is built on s invocations of a blockcipher and additional simple XOR operations. Since previous work has proven that at least two invocations of the blockcipher with linear mixing are necessary to possibly bypass the birthday-bound barrier of security, we carry out an investigation on the instances of with , and find highly efficient tweakable blockciphers , , , that achieve provable security. Each of these tweakable blockciphers uses two invocations of a blockcipher, one of which uses a tweak-dependent key generated by XORing the tweak into the key (or into a secret subkey derived from the key). We point out that the provable security of these tweakable blockciphers is obtained in the ideal blockcipher model, due to the usage of the tweak-dependent key.

Metadata

Available format(s): PDF
Publication info: Published by the IACR in ASIACRYPT 2016
Keywords: tweakable blockcipher, full security, ideal blockcipher, tweak-dependent key
Contact author(s):
wanglei_hb@sjtu.edu.cn
guojian@ntu.edu.sg
guoyanzhang@sdu.edu.cn
jingyuanzhao@live.com
wanglei@cs.sjtu.edu.cn
History: 2016-09-14: received
Short URL: https://ia.cr/2016/876
License: Creative Commons Attribution (CC BY)

BibTeX

@misc{cryptoeprint:2016/876,
      author = {Lei Wang and Jian Guo and Guoyan Zhang and Jingyuan Zhao and Dawu Gu},
      title = {How to Build Fully Secure Tweakable Blockciphers from Classical Blockciphers},
      howpublished = {Cryptology {ePrint} Archive, Paper 2016/876},
      year = {2016},
      url = {https://eprint.iacr.org/2016/876}
}