### A Survey on Applications of H-Technique: Revisiting Security Analysis of PRP and PRF

##### Abstract

The Coefficients H Technique (also called H-technique), developed by Patarin in circa '91, is a tool to obtain upper bounds on distinguishing advantages. This tool is known to provide relatively simpler and (in some cases) tight bound proofs in comparison to some other well-known tools such as the Game-playing technique and Random Systems methodology. In this systematization of knowledge (SoK) paper, we aim to provide a brief survey on the H-technique. The SoK is in four parts: First, we redevelop the necessary nomenclatures and tools required to study the security of any symmetric key design, especially in the H-technique setting. Second, we give a full description of H-technique and some related tools. Third, we give (simple) H-technique based proofs for some popular symmetric-key designs, across different paradigms. Finally, we show that H-technique can actually provide optimal bounds on distinguishing advantage.

Note: Change in title name. Analysis of sum of permutations and sum of Even-Mansour included. Fixed some technical and editorial issues. Publication details included.

Available format(s)
Category
Secret-key cryptography
Publication info
Published elsewhere. Entropy
DOI
10.3390/e24040462
Keywords
H-coefficients technique Feistel ENR LDT HCTR TET
Contact author(s)
ashwin jha1991 @ gmail com
mridul nandi @ gmail com
History
2022-09-03: last of 3 revisions
See all versions
Short URL
https://ia.cr/2018/1130

CC BY

BibTeX

@misc{cryptoeprint:2018/1130,
author = {Ashwin Jha and Mridul Nandi},
title = {A Survey on Applications of H-Technique: Revisiting Security Analysis of PRP and PRF},
howpublished = {Cryptology ePrint Archive, Paper 2018/1130},
year = {2018},
doi = {10.3390/e24040462},
note = {\url{https://eprint.iacr.org/2018/1130}},
url = {https://eprint.iacr.org/2018/1130}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.