Paper 2018/784

Tweakable Block Ciphers Secure Beyond the Birthday Bound in the Ideal Cipher Model

ByeongHak Lee and Jooyoung Lee


We propose a new construction of tweakable block ciphers from standard block ciphers. Our construction, dubbed XHX2, is the cascade of two independent XHX block ciphers, so it makes two call to the underlying block cipher using tweak-dependent keys. We prove the security of XHX2 up to min{2^{2(n+m)/3},2^{n+m/2}} queries (ignoring logarithmic factors) in the ideal cipher model, when the block cipher operates on n-bit blocks using m-bit keys. The XHX2 tweakable block cipher is the first construction that achieves beyond-birthday-bound security with respect to the input size of the underlying block cipher in the ideal cipher model.

Available format(s)
Publication info
Published by the IACR in ASIACRYPT 2018
tweakale block cipherbeyond-birthday-bound securityideal cipher model
Contact author(s)
lbh0307 @ kaist ac kr
hicalf @ kaist ac kr
2018-09-01: received
Short URL
Creative Commons Attribution


      author = {ByeongHak Lee and Jooyoung Lee},
      title = {Tweakable Block Ciphers Secure Beyond the Birthday Bound in the Ideal Cipher Model},
      howpublished = {Cryptology ePrint Archive, Paper 2018/784},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.