Paper 2020/1076

Minimizing the Two-Round Tweakable Even-Mansour Cipher

Avijit Dutta

Abstract

In CRYPTO 2015, Cogliati et al. proposed the one-round tweakable Even-Mansour (\textsf{1-TEM}) cipher, constructed out of a single $n$-bit public permutation $\pi$ and a uniform and almost XOR-universal hash function \textsf{H} as $(k,t,x) \mapsto H_k(t) \oplus \pi(H_k(t) \oplus x)$, where $t$ is the tweak and $x$ is the $n$-bit message. The authors have shown that its two-round extension, which we refer to as \textsf{2-TEM}, obtained by cascading two independent instances of the construction, gives $2n/3$-bit security, and that $r$-round cascading gives $rn/(r+2)$-bit security. In ASIACRYPT 2015, Cogliati and Seurin have shown that the four-round tweakable Even-Mansour cipher, which we refer to as \textsf{4-TEM}, constructed out of four independent $n$-bit permutations $\pi_1, \pi_2, \pi_3, \pi_4$ and two independent $n$-bit keys $k_1, k_2$, defined as $k_1 \oplus t \oplus \pi_4(k_2 \oplus t \oplus \pi_3(k_1 \oplus t \oplus \pi_2(k_2 \oplus t \oplus \pi_1(k_1 \oplus t \oplus x))))$, is secure up to $2^{2n/3}$ adversarial queries. In this paper, we show that if we replace the two independent permutations of \textsf{2-TEM} (Cogliati et al., CRYPTO 2015) with a single -bit public permutation, then the resultant construction still guarantees security up to adversarial queries. Using the results derived therein, we also show that replacing the permutation with in the above equation preserves security up to adversarial queries.
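The three constructions named in the abstract, written out as an added toy implementation that is not part of the paper or of any reference code. Everything is scaled down to $n = 8$ so that every claim can be checked exhaustively: the public permutations are seeded random lookup tables (an assumption standing in for a real $n$-bit permutation), the uniform and almost-XOR-universal hash is the constructed choice $H_{(k_1,k_2)}(t) = k_1 \cdot t \oplus k_2$ over $\mathrm{GF}(2^8)$ with the AES polynomial, and the keys and tweaks are constructed sample values. The block shows the $\textsf{1-TEM}$ round, the $\textsf{2-TEM}$ cascade with either two independent permutations or the same permutation twice (the single-permutation variant the paper studies), the $\textsf{4-TEM}$ key-and-tweak schedule, and a measurement of the hash's XOR-universality bound; none of this reproduces the paper's security proof, it only makes the objects in the abstract concrete.

```python
import random

N_BITS = 8
MASK = (1 << N_BITS) - 1
AES_POLY = 0x11B  # x^8 + x^4 + x^3 + x + 1, irreducible over GF(2)


def gf_mul(a, b):
    """Multiply two elements of GF(2^8), reducing modulo AES_POLY."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= AES_POLY
        b >>= 1
    return r & MASK


def random_permutation(seed):
    """Constructed stand-in for a public n-bit permutation pi: a seeded random
    lookup table together with its inverse (forward, inverse)."""
    forward = list(range(1 << N_BITS))
    random.Random(seed).shuffle(forward)
    inverse = [0] * len(forward)
    for i, v in enumerate(forward):
        inverse[v] = i
    return forward, inverse


def hash_axu(key, tweak):
    """Constructed hash H_k(t) = k1 * t + k2 over GF(2^8), key = (k1, k2).
    For t != t' the difference H_k(t) ^ H_k(t') = k1 * (t ^ t') hits any value
    with probability 2^-n over k1 (almost-XOR-universal); k2 makes H_k(t)
    uniform for every fixed t."""
    k1, k2 = key
    return gf_mul(k1, tweak) ^ k2


def tem1_encrypt(perm, key, tweak, x):
    """1-TEM: (k, t, x) -> H_k(t) ^ pi(H_k(t) ^ x)."""
    h = hash_axu(key, tweak)
    return h ^ perm[0][h ^ x]


def tem1_decrypt(perm, key, tweak, y):
    h = hash_axu(key, tweak)
    return h ^ perm[1][h ^ y]


def tem2_encrypt(perms, keys, tweak, x):
    """2-TEM: two cascaded 1-TEM rounds with independent hash keys.  perms may
    hold two independent permutations (Cogliati et al.) or the same permutation
    twice (the single-permutation variant studied in the paper)."""
    for perm, key in zip(perms, keys):
        x = tem1_encrypt(perm, key, tweak, x)
    return x


def tem2_decrypt(perms, keys, tweak, y):
    for perm, key in reversed(list(zip(perms, keys))):
        y = tem1_decrypt(perm, key, tweak, y)
    return y


def tem4_encrypt(perms, k1, k2, tweak, x):
    """4-TEM: k1^t^pi4(k2^t^pi3(k1^t^pi2(k2^t^pi1(k1^t^x)))), i.e. the keys
    alternate k1, k2, k1, k2, k1 and the tweak is XORed at every round."""
    round_keys = [k2, k1, k2, k1]  # key added after pi1, pi2, pi3, pi4
    state = x ^ k1 ^ tweak
    for perm, rk in zip(perms, round_keys):
        state = perm[0][state] ^ rk ^ tweak
    return state


def tem4_decrypt(perms, k1, k2, tweak, y):
    round_keys = [k2, k1, k2, k1]
    state = y
    for perm, rk in reversed(list(zip(perms, round_keys))):
        state = perm[1][state ^ rk ^ tweak]
    return state ^ k1 ^ tweak


def axu_bound():
    """Exhaustively measure max over t != t' and d of Pr_k[H_k(t)^H_k(t') = d]
    for hash_axu; the difference depends only on k1 and on t ^ t' != 0."""
    worst = 0
    for diff in range(1, 1 << N_BITS):
        counts = {}
        for k1 in range(1 << N_BITS):
            v = gf_mul(k1, diff)
            counts[v] = counts.get(v, 0) + 1
        worst = max(worst, max(counts.values()))
    return worst / (1 << N_BITS)


def is_tweakable_permutation(encrypt, tweak):
    """For a fixed key and tweak, x -> E(t, x) must be a bijection on n bits."""
    return len({encrypt(tweak, x) for x in range(1 << N_BITS)}) == (1 << N_BITS)


def demo():
    """Build all three constructions from constructed keys and check round trips."""
    pi, pi2 = random_permutation(1), random_permutation(2)
    keys = [(0x57, 0xA3), (0x13, 0x9C)]  # constructed 2-TEM hash keys
    ok = all(
        tem2_decrypt([pi, pi], keys, t, tem2_encrypt([pi, pi], keys, t, x)) == x
        and tem4_decrypt([pi, pi2, pi, pi2], 0x1F, 0xE0, t,
                         tem4_encrypt([pi, pi2, pi, pi2], 0x1F, 0xE0, t, x)) == x
        for t in (0x00, 0x07, 0xFF) for x in range(1 << N_BITS))
    return {"round_trips_ok": ok, "axu_bound": axu_bound()}


if __name__ == "__main__":
    print(demo())
```

Passing `[pi, pi]` to `tem2_encrypt` is exactly the single-permutation $\textsf{2-TEM}$ of the abstract; passing `[pi, pi2]` gives the original two-permutation cascade. The measured `axu_bound` of $2^{-8}$ is the $\varepsilon$ that the "almost XOR-universal" requirement refers to, and with $n = 8$ the $2^{2n/3}$ query bound is only about 40 queries, which is why a table-sized toy like this is for reading the definitions, not for use.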

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
A minor revision of an IACR publication in ASIACRYPT 2020
Keywords
Tweakable Block Cipher, Key Alternating Cipher, Tweakable Even-Mansour Cipher, H-Coefficient
Contact author(s)
avirocks dutta13 @ gmail com
History
2020-09-12: revised
2020-09-09: received
Short URL
https://ia.cr/2020/1076
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/1076,
      author = {Avijit Dutta},
      title = {Minimizing the Two-Round Tweakable Even-Mansour Cipher},
      howpublished = {Cryptology {ePrint} Archive, Paper 2020/1076},
      year = {2020},
      url = {https://eprint.iacr.org/2020/1076}
}