Paper 2015/134

From Related-Key Distinguishers to Related-Key-Recovery on Even-Mansour Constructions

Pierre Karpman

Abstract

We show that a distinguishing attack in the related key model on an Even-Mansour block cipher can readily be converted into an extremely efficient key recovery attack. Concerned ciphers include in particular all iterated Even-Mansour schemes with independent keys. We apply this observation to the Caesar candidate Prøst-OTR and are able to recover the whole key with a number of requests linear in its size. This improves on recent forgery attacks in a similar setting.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. ISC 2015
DOI
10.1007/978-3-319-23318-5_10
Keywords
Even-Mansourrelated-key attacksPrøst-OTR
Contact author(s)
pierre karpman @ gmail com
History
2016-01-29: last of 2 revisions
2015-02-26: received
See all versions
Short URL
https://ia.cr/2015/134
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/134,
      author = {Pierre Karpman},
      title = {From Related-Key Distinguishers to Related-Key-Recovery on Even-Mansour Constructions},
      howpublished = {Cryptology ePrint Archive, Paper 2015/134},
      year = {2015},
      doi = {10.1007/978-3-319-23318-5_10},
      note = {\url{https://eprint.iacr.org/2015/134}},
      url = {https://eprint.iacr.org/2015/134}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.