The QARMAv2 Family of Tweakable Block Ciphers

Roberto Avanzi; Subhadeep Banik; Orr Dunkelman; Maria Eichlseder; Shibam Ghosh; Marcel Nageler; Francesco Regazzoni

Paper 2023/929

The QARMAv2 Family of Tweakable Block Ciphers

Roberto Avanzi

, Arm Germany GmbH, University of Haifa

Subhadeep Banik, Universita della Svizzera Italiana

Orr Dunkelman

, University of Haifa

Maria Eichlseder

, Graz University of Technology

Shibam Ghosh, University of Haifa

Marcel Nageler, Graz University of Technology

Francesco Regazzoni, University of Amsterdam, Universita della Svizzera Italiana

Abstract

We introduce the QARMAv2 family of tweakable block ciphers. It is a redesign of QARMA (from FSE 2017) to improve its security bounds and allow for longer tweaks, while keeping similar latency and area. The wider tweak input caters to both specific use cases and the design of modes of operation with higher security bounds. This is achieved through new key and tweak schedules, revised S-Box and linear layer choices, and a more comprehensive security analysis. QARMAv2 offers competitive latency and area in fully unrolled hardware implementations. Some of our results may be of independent interest. These include: new MILP models of certain classes of diffusion matrices; the comparative analysis of a full reflection cipher against an iterative half-cipher; our boomerang attack framework; and an improved approach to doubling the width of a block cipher.

Note: Besides the table of contents and lists of figures and tables, this version differs from the FSE/ToSC paper in the following ways: We have added two new appendices on the cryptanalysis of QARMA and on the properties of the diffusion matrices; The conclusions now include additional insights on the comparison between purely iterative ciphers and reflection ciphers; Some typographical errors have been rectified.

Metadata

Available format(s): PDF
Category: Secret-key cryptography
Publication info: A minor revision of an IACR publication in TOSC 2024
Keywords: Tweakable Block Ciphers Lightweight Cryptography Reflection Ciphers Memory Encryption Memory Integrity MACs
Contact author(s): roberto avanzi @ gmail com
History: 2023-09-13: last of 22 revisions; 2023-06-14: received; See all versions
Short URL: https://ia.cr/2023/929
License: CC BY-NC-ND

BibTeX

@misc{cryptoeprint:2023/929,
      author = {Roberto Avanzi and Subhadeep Banik and Orr Dunkelman and Maria Eichlseder and Shibam Ghosh and Marcel Nageler and Francesco Regazzoni},
      title = {The QARMAv2 Family of Tweakable Block Ciphers},
      howpublished = {Cryptology ePrint Archive, Paper 2023/929},
      year = {2023},
      note = {\url{https://eprint.iacr.org/2023/929}},
      url = {https://eprint.iacr.org/2023/929}
}