Paper 2019/1000

Security of Symmetric Primitives against Key-Correlated Attacks

Aisling Connolly, Pooya Farshim, and Georg Fuchsbauer

Abstract

We study the security of symmetric primitives against key-correlated attacks (KCA), whereby an adversary can arbitrarily correlate keys, messages, and ciphertexts. Security against KCA is required whenever a primitive should securely encrypt key-dependent data, even when it is used under related keys. KCA is a strengthening of the previously considered notions of related-key attack (RKA) and key-dependent message (KDM) security. This strengthening is strict, as we show that 2-round Even–Mansour fails to be KCA secure even though it is both RKA and KDM secure. We provide feasibility results in the ideal-cipher model for KCAs and show that 3-round Even–Mansour is KCA secure under key offsets in the random-permutation model. We also give a natural transformation that converts any authenticated encryption scheme to a KCA-secure one in the random-oracle model. Conceptually, our results allow for a unified treatment of RKA and KDM security in idealized models of computation.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published by the IACR in FSE 2019
Keywords
Key-correlated attack, related-key attack, key-dependent-message attack, ideal-cipher model, random-oracle model, authenticated encryption, xkcd.
Contact author(s)
aisling connolly @ ens fr
History
2019-09-05: received
Short URL
https://ia.cr/2019/1000
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2019/1000,
      author = {Aisling Connolly and Pooya Farshim and Georg Fuchsbauer},
      title = {Security of Symmetric Primitives against Key-Correlated Attacks},
      howpublished = {Cryptology {ePrint} Archive, Paper 2019/1000},
      year = {2019},
      url = {https://eprint.iacr.org/2019/1000}
}