You are looking at a specific version 20170224:073354 of this paper. See the latest version.

Paper 2017/042

Five Rounds are Sufficient and Necessary for the Indifferentiability of Iterated Even-Mansour

Yuanxi Dai and Yannick Seurin and John Steinberger and Aishwarya Thiruvengadam

Abstract

We prove that the 5-round iterated Even-Mansour (IEM) construction (which captures the high-level structure of the class of key-alternating ciphers) with a non-idealized key-schedule (such as the trivial key-schedule, where all round keys are equal) is indifferentiable from an ideal cipher. In a separate result, we also prove that five rounds are necessary by describing an attack against the corresponding 4-round construction. This closes the gap regarding the exact number of rounds for which the IEM construction with a non-idealized key-schedule is indifferentiable from an ideal cipher, which was previously only known to lie between four and twelve.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
block cipherideal cipheriterated Even-Mansourkey-alternating ciphersindifferentiability
Contact author(s)
dyx13 @ mails tsinghua edu cn
History
2017-06-10: last of 2 revisions
2017-01-18: received
See all versions
Short URL
https://ia.cr/2017/042
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.