Cryptology ePrint Archive: Report 2021/1441

Length-preserving encryption with HCTR2

Paul Crowley and Nathan Huckleberry and Eric Biggers

Abstract: On modern processors HCTR is one of the most efficient constructions for building a tweakable super-pseudorandom permutation. However, a bug in the specification and another in Chakraborty and Nandi's security proof invalidate the claimed security bound. We here present HCTR2, which fixes these issues and improves the security bound, performance and flexibility. GitHub: https://github.com/google/hctr2

Category / Keywords: secret-key cryptography / length-preserving encryption, super-pseudorandom permutation, variable input length, tweakable encryption, disk encryption

Date: received 26 Oct 2021

Contact author: paulcrowley at google com, nhuck at google com, ebiggers at google com

Available format(s): PDF | BibTeX Citation

Version: 20211027:085150 (All versions of this report)

Short URL: ia.cr/2021/1441


[ Cryptology ePrint archive ]