Minimizing Key Materials: The Even–Mansour Cipher Revisited and Its Application to Lightweight Authenticated Encryption

Ping Zhang, Qian Yuan
2020 Security and Communication Networks  
Finally, we leave it as an open problem to settle the security of the t-round iterated Even-Mansour cipher with short keys.  ...  This paper focuses on the problem to minimize the key material of the Even-Mansour cipher while its security bound remains essentially the same.  ...  [12] introduced the tweakable Even-Mansour (TEM) cipher combined by the Even-Mansour cipher and a tweak, and proved its security.  ... 
doi:10.1155/2020/4180139 fatcat:zp5pgqi56ndfvbpb6j5sc3zgxm

Provable Security of (Tweakable) Block Ciphers Based on Substitution-Permutation Networks [chapter]

Benoît Cogliati, Yevgeniy Dodis, Jonathan Katz, Jooyoung Lee, John Steinberger, Aishwarya Thiruvengadam, Zhe Zhang
2018 Lecture Notes in Computer Science  
On the other hand, even 1-round SPNs can be secure when non-linearity is allowed.  ...  As an application, our construction can turn two public n-bit permutations (or fixed-key block ciphers) into a tweakable block cipher working on wn-bit inputs, 6n-bit key and an n-bit tweak (for any w  ...  The work of Jonathan Katz  ... 
doi:10.1007/978-3-319-96884-1_24 fatcat:u7z372fmpfd33k65wn3lvra5qy

Multi-key Analysis of Tweakable Even-Mansour with Applications to Minalpher and OPP

Zhiyuan Guo, Wenling Wu, Renzhang Liu, Liting Zhang
2017 IACR Transactions on Symmetric Cryptology  
The tweakable Even-Mansour construction generalizes the conventional Even-Mansour scheme through replacing round keys by strings derived from a master key and a tweak.  ...  In the present paper, we evaluate the multi-key security of TEM-1, one of the most commonly used one-round tweakable Even-Mansour schemes (formally introduced at CRYPTO 2015), which is constructed from  ...  The authors would like to thank all anonymous referees for their valuable comments that greatly improve the manuscript.  ... 
doi:10.46586/tosc.v2016.i2.288-306 fatcat:2dg5ktpl3vavzmvl6vcpxkq23q

Multi-key Analysis of Tweakable Even-Mansour with Applications to Minalpher and OPP

Zhiyuan Guo, Wenling Wu, Renzhang Liu, Liting Zhang
2017 IACR Transactions on Symmetric Cryptology  
The tweakable Even-Mansour construction generalizes the conventional Even-Mansour scheme through replacing round keys by strings derived from a master key and a tweak.  ...  In the present paper, we evaluate the multi-key security of TEM-1, one of the most commonly used one-round tweakable Even-Mansour schemes (formally introduced at CRYPTO 2015), which is constructed from  ...  The authors would like to thank all anonymous referees for their valuable comments that greatly improve the manuscript.  ... 
doi:10.13154/tosc.v2016.i2.288-306 dblp:journals/tosc/GuoWLZ16 fatcat:besakbj35bgbpm2mfqfocmmwda

Wide Tweakable Block Ciphers Based on Substitution-Permutation Networks: Security Beyond the Birthday Bound [article]

Benoît Cogliati, Jooyoung Lee
2018 IACR Cryptology ePrint Archive  
More specifically, our construction can turn two strong public n-bit permutations into a tweakable block cipher working on wn-bit blocks and using a 6n-bit key and an n-bit tweak (for any w ≥ 2); the tweakable  ...  Second, we prove beyond-the-birthday-bound security for 2-round non-linear SPNs with independent S-boxes and independent round keys.  ...  [CLL+14] also proved that several minimized variants of the 2-round Even-Mansour construction are also secure up to roughly $2^{2n/3}$ adversarial queries.  ... 
dblp:journals/iacr/CogliatiL18 fatcat:orp536z2ivd5pn2keq4h4ii6te

Connecting tweakable and multi-key blockcipher security

Jooyoung Lee, Atul Luykx, Bart Mennink, Kazuhiko Minematsu
2017 Designs, Codes and Cryptography  
Our equivalence connects two objects of study, the iterated Even-Mansour (EUROCRYPT 2012) and the iterated Tweakable Even-Mansour (CRYPTO 2015), which establishes that results in both areas are, to a certain  ...  functions need not necessarily be pseudorandom functions in order to provide security: for the iterated Even-Mansour universal hash functions suffice.  ...  + 12] and the Tweakable Even-Mansour construction TEM[r] [CS15b], which can be viewed as generic versions of key alternating ciphers [DR02, DR01], the design approach to the AES [DR02].  ... 
doi:10.1007/s10623-017-0347-3 fatcat:slpezhutubfhllxafjxo7pwsvm

Superposition Attacks on Pseudorandom Schemes based on Two or Less Permutations [article]

Shaoxuan Zhang, Chun Guo, Qingju Wang
2022 IACR Cryptology ePrint Archive  
We first extend Kuwakado and Morii's attack against the Even-Mansour cipher (ISITA 2012), and exhibit key recovery attacks against a large class of pseudorandom schemes based on a single call to an n-bit  ...  We then consider TPPR schemes, namely, Two Permutation-based PseudoRandom cryptographic schemes. Using the improved Grover-meet-Simon method of Bonnetain et al.  ...  Further subsequent work investigated adding tweaks to the iterated Even-Mansour via the almost universal hash functions and pinpointed 2-round tweakable Even-Mansour ciphers as the minimal permutation-based  ... 
dblp:journals/iacr/ZhangGW22 fatcat:t7humw7ybbhnjmkggav32uc3zy

Elastic-Tweak: A Framework for Short Tweak Tweakable Block Cipher [article]

Avik Chakraborti, Nilanjan Datta, Ashwin Jha, Cuauhtemoc Mancillas-López, Mridul Nandi, Yu Sasaki
2019 IACR Cryptology ePrint Archive  
Tweakable block cipher (TBC), a stronger notion than standard block ciphers, has wide-scale applications in symmetric-key schemes.  ...  We present hardware and software results to show that the performance overheads for these tBCs are minimal.  ...  LRW1, LRW2 [52], CLRW2 [50], XEX [62] and XHX [43] are some examples of the former category, whereas Tweakable Even-Mansour [19] is an example of the latter.  ... 
dblp:journals/iacr/ChakrabortiDJMN19 fatcat:nusednu3l5gkhgkl3bshnacfhm

On the Resilience of Even-Mansour to Invariant Permutations

Bart Mennink, Samuel Neves
2021 Designs, Codes and Cryptography  
We first formalize the use of invariant cryptographic permutations from a security perspective, and analyze the Even-Mansour block cipher construction.  ...  Even-Mansour-ChaCha in $2^{128}$ queries, faster than the birthday bound.  ...  Note that a minimal construction of 2-round Even-Mansour would take a single key, and add "round constants" to derive mutually slightly different round keys.  ... 
doi:10.1007/s10623-021-00850-2 fatcat:g7gxepprufbkdgxlhsruvia45y

On the Provable Security of the Iterated Even-Mansour Cipher Against Related-Key and Chosen-Key Attacks [chapter]

Benoît Cogliati, Yannick Seurin
2015 Lecture Notes in Computer Science  
We also show that the iterated Even-Mansour cipher with four rounds offers some form of provable resistance to chosen-key attacks, which is the minimal number of rounds to achieve this property.  ...  The iterated Even-Mansour cipher is a construction of a block cipher from r public permutations P1, ..., Pr which abstracts in a generic way the structure of key-alternating ciphers.  ...  Acknowledgment We thank Gaëtan Leurent for pointing to our attention the related-key attack matching the security bound of Theorem 2.  ... 
doi:10.1007/978-3-662-46800-5_23 fatcat:dyikfqk23jcdlanqcjrhhihhbi

Revisiting Lightweight Block Ciphers: Review, Taxonomy and Future directions [article]

Aaqib Bashir Dar, Mashhood Jeelani Lone, Nuzhat Hussain
2021 IACR Cryptology ePrint Archive  
Over the period of past two decades or so, a bulk of lightweight block ciphers have been proposed due to the growing need and demand in lightweight cryptography.  ...  Block ciphers have been extremely predominant in the area of cryptography and due to the paradigm shift towards devices of resource constrained nature, lightweight block ciphers have totally influenced  ...  Even-Mansour: Named after the authors Shimon Even and Yishay Mansour who proposed it in 1991, the Even-Mansour scheme [18] used in block ciphers makes use of only one pseudorandom permutation and operates  ... 
dblp:journals/iacr/DarLH21 fatcat:e7degswt35gefavnsbmu53r7ky

Modes of Operation Suitable for Computing on Encrypted Data

Dragos Rotaru, Nigel P. Smart, Martijn Stam
2017 IACR Transactions on Symmetric Cryptology  
These two modes are selected because they suit the PRFs examined in previous works. In particular the modes are highly parallel, and do not require evaluation of the inverse of the underlying PRF.  ...  We examine how two parallel modes of operation for Authenticated Encryption (namely CTR+PMAC and OTR mode) work when evaluated in a multiparty computation engine.  ...  The cipher is a classical iterated Even-Mansour cipher using a simple algebraic round permutation inspired by a cipher by Nyberg and Knudsen [NK95].  ... 
doi:10.13154/tosc.v2017.i3.294-324 dblp:journals/tosc/RotaruSS17 fatcat:shef7sk2pba57kb5dy5nugrlia

Modes of Operation Suitable for Computing on Encrypted Data

Dragos Rotaru, Nigel P. Smart, Martijn Stam
2017 IACR Transactions on Symmetric Cryptology  
These two modes are selected because they suit the PRFs examined in previous works. In particular the modes are highly parallel, and do not require evaluation of the inverse of the underlying PRF.  ...  We examine how two parallel modes of operation for Authenticated Encryption (namely CTR+PMAC and OTR mode) work when evaluated in a multiparty computation engine.  ...  The cipher is a classical iterated Even-Mansour cipher using a simple algebraic round permutation inspired by a cipher by Nyberg and Knudsen [NK95].  ... 
doi:10.46586/tosc.v2017.i3.294-324 fatcat:ums2prp45jhkpnulf2grrbfmwq

Tweaking a block cipher: multi-user beyond-birthday-bound security in the standard model

Benoît Cogliati
2018 Designs, Codes and Cryptography  
Our construction is very natural, requiring four calls to the underlying block cipher for each call of the tweakable block cipher.  ...  Moreover, it is provably secure in the standard model while keeping the security degradation minimal in the multi-user setting.  ...  We would also like to thank the reviewers from Designs, Codes and Cryptography for their helpful comments.  ... 
doi:10.1007/s10623-018-0471-8 fatcat:fx5mklk75bcopbpdsbgasho4n4

The QARMA Block Cipher Family. Almost MDS Matrices Over Rings With Zero Divisors, Nearly Symmetric Even-Mansour Constructions With Non-Involutory Central Rounds, and Search Heuristics for Low-Latency S-Boxes

Roberto Avanzi
2017 IACR Transactions on Symmetric Cryptology  
However, QARMA differs from previous reflector constructions in that it is a three-round Even-Mansour scheme instead of a FX-construction, and its middle permutation is non-involutory and keyed.  ...  This paper introduces QARMA, a new family of lightweight tweakable block ciphers targeted at applications such as memory encryption, the generation of very short tags for hardware-assisted prevention of  ...  We express gratitude to the authors of [BJK+16] for the fruitful interaction, in particular to Christof Beierle for sharing his MILP modelling of the Class I state transitions used in § 3.1.2.  ... 
doi:10.46586/tosc.v2017.i1.4-44 fatcat:iaiczp4lhzh5pgz4quzhjcj3jm