Paper 2013/835

A Modular Framework for Building Variable-Input Length Tweakable Ciphers

Thomas Shrimpton and R. Seth Terashima


We present the Protected-IV construction (PIV) a simple, modular method for building variable-input-length tweakable ciphers. At our level of abstraction, many interesting design opportunities surface. For example, an obvious pathway to building beyond birthday-bound secure tweakable ciphers with performance competitive with existing birthday-bound-limited constructions. As part of our design space exploration, we give two fully instantiated PIV constructions, TCT1 and TCT2; the latter is fast and has beyond birthday-bound security, the former is faster and has birthday-bound security. Finally, we consider a generic method for turning a VIL tweakable cipher (like PIV) into an authenticated encryption scheme that admits associated data, can withstand nonce-misuse, and allows for multiple decryption error messages. Thus, the method offers robustness even in the face of certain sidechannels, and common implementation mistakes.

Note: Typo fixes and minor clarifications.

Available format(s)
Secret-key cryptography
Publication info
A major revision of an IACR publication in ASIACRYPT 2013
tweakable block ciphersauthenticated encryptiondisk encryptionnonce misuse
Contact author(s)
seth @ cs pdx edu
2014-08-22: revised
2013-12-16: received
See all versions
Short URL
Creative Commons Attribution


      author = {Thomas Shrimpton and R.  Seth Terashima},
      title = {A Modular Framework for Building Variable-Input Length Tweakable Ciphers},
      howpublished = {Cryptology ePrint Archive, Paper 2013/835},
      year = {2013},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.