Paper 2018/1130
A Survey on Applications of H-Technique: Revisiting Security Analysis of PRP and PRF
Abstract
The Coefficients H Technique (also called H-technique), developed by Patarin in circa '91, is a tool to obtain upper bounds on distinguishing advantages. This tool is known to provide relatively simpler and (in some cases) tight bound proofs in comparison to some other well-known tools such as the Game-playing technique and Random Systems methodology. In this systematization of knowledge (SoK) paper, we aim to provide a brief survey on the H-technique. The SoK is in four parts: First, we redevelop the necessary nomenclatures and tools required to study the security of any symmetric key design, especially in the H-technique setting. Second, we give a full description of H-technique and some related tools. Third, we give (simple) H-technique based proofs for some popular symmetric-key designs, across different paradigms. Finally, we show that H-technique can actually provide optimal bounds on distinguishing advantage.
Note: Change in title name. Analysis of sum of permutations and sum of Even-Mansour included. Fixed some technical and editorial issues. Publication details included.
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- Published elsewhere. Entropy
- DOI
- 10.3390/e24040462
- Keywords
- H-coefficients technique Feistel ENR LDT HCTR TET
- Contact author(s)
-
ashwin jha1991 @ gmail com
mridul nandi @ gmail com - History
- 2022-09-03: last of 3 revisions
- 2018-11-29: received
- See all versions
- Short URL
- https://ia.cr/2018/1130
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2018/1130, author = {Ashwin Jha and Mridul Nandi}, title = {A Survey on Applications of H-Technique: Revisiting Security Analysis of {PRP} and {PRF}}, howpublished = {Cryptology {ePrint} Archive, Paper 2018/1130}, year = {2018}, doi = {10.3390/e24040462}, url = {https://eprint.iacr.org/2018/1130} }