Paper 2017/841

Efficient Length Doubling From Tweakable Block Ciphers

Yu Long Chen, Atul Luykx, Bart Mennink, and Bart Preneel


We present a length doubler, LDT, that turns an n-bit tweakable block cipher into an efficient and secure cipher that can encrypt any bit string of length [n..2n-1]. The LDT mode is simple, uses only two cryptographic primitive calls (while prior work needs at least four), and is a strong length-preserving pseudorandom permutation if the underlying tweakable block ciphers are strong tweakable pseudorandom permutations. We demonstrate that LDT can be used to neatly turn an authenticated encryption scheme for integral data into a mode for arbitrary-length data.

Available format(s)
Secret-key cryptography
Publication info
A minor revision of an IACR publication in FSE 2018
length doublerLDTtweakable block ciphersauthenticated encryption
Contact author(s)
yulong chen @ student kuleuven be
Atul Luykx @ esat kuleuven be
b mennink @ cs ru nl
Bart Preneel @ esat kuleuven be
2017-09-06: received
Short URL
Creative Commons Attribution


      author = {Yu Long Chen and Atul Luykx and Bart Mennink and Bart Preneel},
      title = {Efficient Length Doubling From Tweakable Block Ciphers},
      howpublished = {Cryptology ePrint Archive, Paper 2017/841},
      year = {2017},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.