Designing Tweakable Enciphering Schemes Using Public Permutations

A tweakable enciphering scheme (TES) is a length-preserving (tweakable) encryption scheme that provides (tweakable) strong pseudorandom permutation security on arbitrarily long messages. A TES is traditionally built from a block cipher, and the security of the mode depends on the strong pseudorandom permutation security of that underlying block cipher. In this paper, we construct TESs from public random permutations. Public random permutations are being considered as a replacement for block ciphers in several cryptographic schemes, including AEs, MACs, etc. However, to our knowledge, a systematic study of constructing a TES from public random permutations is missing. In this paper, we give a generic construction of a TES that uses a public random permutation, a length-expanding public-permutation-based PRF, and a hash function that is both almost XOR universal (AXU) and almost regular. Further, we propose a concrete length-expanding public-permutation-based PRF construction. We also propose a single-keyed TES that uses a public random permutation and an AXU and almost regular hash function.
