Paper 2022/1097

Post-Quantum Security of Tweakable Even-Mansour, and Applications

Gorjan Alagic, University of Maryland, College Park
Chen Bai, University of Maryland, College Park
Jonathan Katz, University of Maryland, College Park
Christian Majenz, Technical University of Denmark
Patrick Struck, University of Konstanz

The tweakable Even-Mansour construction yields a tweakable block cipher from a public random permutation. We prove post-quantum security of tweakable Even-Mansour when attackers have quantum access to the public random permutation but only classical access to the secretly-keyed construction, the most relevant setting for most real-world applications. We then use our results to prove post-quantum security, in the same model, of three symmetric-key schemes: Elephant (an AEAD finalist of NIST's lightweight cryptography standardization effort), Minalpher (a second-round AEAD candidate of the CAESAR competition), and Chaskey (an ISO-standardized MAC).

Category: Secret-key cryptography
Keywords: Post-Quantum Cryptography, NIST Lightweight Cryptography, Q1 model
Contact author(s)
galagic @ umd edu
cbai1 @ umd edu
jkatz2 @ gmail com
chmaj @ dtu dk
patrick struck @ uni-konstanz de
2023-10-16: last of 4 revisions
2022-08-24: received
Creative Commons Attribution


      author = {Gorjan Alagic and Chen Bai and Jonathan Katz and Christian Majenz and Patrick Struck},
      title = {Post-Quantum Security of Tweakable Even-Mansour, and Applications},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1097},
      year = {2022},
      note = {\url{}},
      url = {}