### Tweak-Length Extension for Tweakable Blockciphers

Kazuhiko Minematsu and Tetsu Iwata

##### Abstract

Tweakable blockcipher (TBC) is an extension of standard blockcipher introduced by Liskov, Rivest and Wagner in 2002. TBC is a versatile building block for efficient symmetric-key cryptographic functions, such as authenticated encryption. In this paper we study the problem of extending tweak of a given TBC of fixed-length tweak, which is a variant of popular problem of converting a blockcipher into a TBC, i.e., blockcipher mode of operation. The problem is particularly important for known dedicated TBCs since they have relatively short tweak. We propose a simple and efficient solution, called XTX, for this problem. XTX converts a TBC of fixed-length tweak into another TBC of arbitrarily long tweak, by extending the scheme of Liskov, Rivest and Wagner that converts a blockcipher into a TBC. Given a TBC of $n$-bit block and $m$-bit tweak, XTX provides $(n+m)/2$-bit security while conventional methods provide $n/2$ or $m/2$-bit security. We also show that XTX is even useful when combined with some blockcipher modes for building TBC having security beyond the birthday bound.

Note: A preliminary version of this paper appears in the proceedings of IMA international conference on cryptography and coding (IMACC) 2015. This is the full version.

Available format(s)
Category
Secret-key cryptography
Publication info
Published elsewhere. MAJOR revision.IMA international conference on cryptography and coding (IMACC) 2015
Keywords
Tweakable blockcipherTweak extensionMode of operationLRW
Contact author(s)
k-minematsu @ ah jp nec com
History
Short URL
https://ia.cr/2015/888

CC BY

BibTeX

@misc{cryptoeprint:2015/888,
author = {Kazuhiko Minematsu and Tetsu Iwata},
title = {Tweak-Length Extension for Tweakable Blockciphers},
howpublished = {Cryptology ePrint Archive, Paper 2015/888},
year = {2015},
note = {\url{https://eprint.iacr.org/2015/888}},
url = {https://eprint.iacr.org/2015/888}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.