Paper 2024/600

A note on -Tweakable HCTR: A BBB Secure Tweakable Enciphering Scheme-

Mustafa Khairallah, Lund University
Abstract

Tweakable HCTR is a tweakable enciphering scheme proposed by Dutta and Nandi at Indocrypt 2018. It is claimed to provide beyond-birthday-bound (BBB) security as long as no single tweak value is used too frequently. More importantly for this note, the claimed security bound degrades only linearly with the maximum input length. We show in this note that this is not the case, by exhibiting a single-query distinguisher with advantage $O(l^2/2^n)$, where $l$ is the length of that query and $n$ is the block size. The distinguisher does not break the beyond-birthday-bound claim, but it achieves a higher advantage than the claimed bound allows.

Note: After this flaw was disclosed publicly, the authors of https://tosc.iacr.org/index.php/ToSC/article/view/9171 pointed out that they had already discovered it in their paper, yet their attack seems to have gone unnoticed by the designers. This note should therefore serve as a confirmation of their analysis rather than as a new observation.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint.
Keywords
Enciphering, Wide Block Cipher, Tweakable HCTR
Contact author(s)
khairallah @ ieee org
History
2024-04-26: last of 2 revisions
2024-04-18: received
Short URL
https://ia.cr/2024/600
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/600,
      author = {Mustafa Khairallah},
      title = {A note on -Tweakable {HCTR}: A {BBB} Secure Tweakable Enciphering Scheme-},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/600},
      year = {2024},
      url = {https://eprint.iacr.org/2024/600}
}