Cryptology ePrint Archive: Report 2018/1130

A Survey on Applications of H-Technique: Revisiting Security Analysis of PRP and PRF

Ashwin Jha and Mridul Nandi

Abstract: The Coefficients H Technique (also called H-technique), developed by Patarin in circa ’91, is a tool to obtain upper bounds on distinguishing advantages. This tool is known to provide relatively simpler and (in some cases) tight bound proofs in comparison to some other well-known tools such as the Game-playing technique and Random Systems methodology. In this systematization of knowledge (SoK) paper, we aim to provide a brief survey on the H-technique. The SoK is in four parts: First, we redevelop the necessary nomenclatures and tools required to study the security of any symmetric key design, especially in the H-technique setting. Second, we give a full description of H-technique and some related tools. Third, we give (simple) H-technique based proofs for some popular symmetric-key designs, across different paradigms. Finally, we show that H-technique can actually provide optimal bounds on distinguishing advantage.

Category / Keywords: secret-key cryptography / provable security, coefficients H technique, Feistel, ENR, LDT, HCTR, TET

Date: received 20 Nov 2018, last revised 22 Jul 2019

Contact author: ashwin jha1991 at gmail com, mridul nandi at gmail com

Available format(s): PDF | BibTeX Citation

Note: Change in title name. Added analysis of sum of permutations and sum of Even-Mansour. Fixed some technical and editorial issues.

Version: 20190722:083753 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]