Paper 2024/1864

Tweakable ForkCipher from Ideal Block Cipher

Sougata Mandal, Institute for Advancing Intelligence, TCG CREST, Kolkata, India, Ramakrishna Mission Vivekananda Educational and Research Institute, Belur, India
Abstract

In ASIACRYPT 2019, Andreeva et al. introduced a new symmetric key primitive called the $\textit{forkcipher}$, designed for lightweight applications handling short messages. A forkcipher is a keyed function with a public tweak, featuring fixed-length input and fixed-length (expanding) output. They also proposed a specific forkcipher, ForkSkinny, based on the tweakable block cipher SKINNY, and its security was evaluated through cryptanalysis. Since then, several efficient AEAD and MAC schemes based on forkciphers have been proposed, catering not only to short messages but also to various purposes such as leakage resilience and cloud security. While forkciphers have proven to be efficient solutions for designing AEAD schemes, the area of forkcipher design remains unexplored; in particular, provably secure forkcipher constructions are lacking. In this work, we propose forkcipher designs for various tweak lengths, based on a block cipher as the underlying primitive. We provide proofs of security for these constructions, assuming the underlying block cipher behaves as an ideal block cipher. First, we present a forkcipher, $\widetilde{\textsf{F}}1$, for an $n$-bit tweak and prove its optimal ($n$-bit) security. Next, we propose another construction, $\widetilde{\textsf{F}}2$, for a $2n$-bit tweak, also proving its optimal ($n$-bit) security. Finally, we introduce a construction, $\widetilde{\textsf{F}}r$, for a general $rn$-bit tweak, achieving $n$-bit security.

Note: The original version of this paper was published in IACR Communications in Cryptology (2024, Volume 1, Issue 3). However, during the review process for ArcticCrypt 2025, reviewers highlighted a birthday attack on our first proposed construction for an optimally secure forkcipher with an $n$-bit tweak using three $n$-bit ideal block ciphers. We modified the construction to restore optimal security in this revised version.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
A major revision of an IACR publication in CIC 2024
DOI
https://doi.org/10.62056/aey4fbn2hd
Keywords
Ideal Cipher Model, Forkcipher
Contact author(s)
sougata mandal @ tcgcrest org
History
2024-11-29: last of 2 revisions
2024-11-14: received
Short URL
https://ia.cr/2024/1864
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/1864,
      author = {Sougata Mandal},
      title = {Tweakable {ForkCipher} from Ideal Block Cipher},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1864},
      year = {2024},
      doi = {https://doi.org/10.62056/aey4fbn2hd},
      url = {https://eprint.iacr.org/2024/1864}
}