Paper 2018/1130

A Survey on Applications of H-Technique: Revisiting Security Analysis of PRP and PRF

Ashwin Jha and Mridul Nandi

Abstract

The Coefficients H Technique (also called H-technique), developed by Patarin in circa ’91, is a tool to obtain upper bounds on distinguishing advantages. This tool is known to provide relatively simpler and (in some cases) tight bound proofs in comparison to some other well-known tools such as the Game-playing technique and Random Systems methodology. In this systematization of knowledge (SoK) paper, we aim to provide a brief survey on the H-technique. The SoK is in four parts: First, we redevelop the necessary nomenclatures and tools required to study the security of any symmetric key design, especially in the H-technique setting. Second, we give a full description of H-technique and some related tools. Third, we give (simple) H-technique based proofs for some popular symmetric-key designs, across different paradigms. Finally, we show that H-technique can actually provide optimal bounds on distinguishing advantage.

Note: Change in title name. Added analysis of sum of permutations and sum of Even-Mansour. Fixed some technical and editorial issues.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
provable securitycoefficients H techniqueFeistelENRLDTHCTRTET
Contact author(s)
ashwin jha1991 @ gmail com
mridul nandi @ gmail com
History
2019-07-22: revised
2018-11-29: received
See all versions
Short URL
https://ia.cr/2018/1130
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/1130,
      author = {Ashwin Jha and Mridul Nandi},
      title = {A Survey on Applications of H-Technique: Revisiting Security Analysis of PRP and PRF},
      howpublished = {Cryptology ePrint Archive, Paper 2018/1130},
      year = {2018},
      note = {\url{https://eprint.iacr.org/2018/1130}},
      url = {https://eprint.iacr.org/2018/1130}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.