Cryptology ePrint Archive: Report 2020/247

Crooked Indifferentiability Revisited

Rishiraj Bhattacharyya and Mridul Nandi and Anik Raychaudhuri

Abstract: In CRYPTO 2018, Russell et al. introduced the notion of crooked indifferentiability to analyze the security of a hash function when the underlying primitive is subverted. They showed that the $n$-bit to $n$-bit function implemented using enveloped XOR construction ($\mathsf{EXor}$) with $3n+1$ many $n$-bit functions and $3n^2$- bit random initial vectors (iv) can be proven secure asymptotically in the crooked indifferentiability setting.

-We identify several major issues and gaps in the proof by Russel et al. We show that their proof does not work when the adversary makes queries related to multiple messages or in the case of intricate function dependent subversion. -We formalize new technique to prove crooked indifferentiability for multiple messages. Our technique can handle function dependent subversion. We apply our technique to provide a concrete proof for the $\mathsf{EXor}$ construction.

-We analyze crooked indifferentiability of the classical sponge construction. We show, using a simple proof idea, the sponge construction is a crooked-indifferentiable hash function using only $n$-bit random iv.

Category / Keywords: Crooked-Indifferentiability, Enveloped XOR, Sponge Construction

Date: received 23 Feb 2020, last revised 24 Feb 2020, withdrawn 26 Feb 2020

Contact author: rishiraj bhattacharyya at gmail com,mridul nandi@gmail com,anikrc1@gmail com

Available format(s): (-- withdrawn --)

Version: 20200226:091858 (All versions of this report)

Short URL: ia.cr/2020/247


[ Cryptology ePrint archive ]