Length-Doubling Ciphers and Tweakable Ciphers
نویسنده
چکیده
We motivate and describe a mode of operation HEM (resp., THEM) that turns a n-bit blockcipher into a variable-input-length cipher (resp., tweakable cipher) that acts on strings of [n..2n − 1] bits. Both HEM and THEM are simple and intuitive and use only two blockcipher calls, while prior work at least takes three. We prove them secure in the sense of strong PRP and tweakable strong PRP, assuming the underlying blockcipher is a strong PRP.
منابع مشابه
Efficient Length Doubling From Tweakable Block Ciphers
We present a length doubler, LDT, that turns an n-bit tweakable block cipher into an efficient and secure cipher that can encrypt any bit string of length [n..2n − 1]. The LDT mode is simple, uses only two cryptographic primitive calls (while prior work needs at least four), and is a strong length-preserving pseudorandom permutation if the underlying tweakable block ciphers are strong tweakable...
متن کاملOnline Ciphers from Tweakable Blockciphers
Online ciphers are deterministic length-preserving permutations EK : ({0, 1})+ → ({0, 1})+ where the i-th block of ciphertext depends only on the first i blocks of plaintext. Definitions, constructions, and applications for these objects were first given by Bellare, Boldyreva, Knudsen, and Namprempre. We simplify and generalize their work, showing that online ciphers are rather trivially constr...
متن کاملA Modular Framework for Building Variable-Input-Length Tweakable Ciphers
We present the Protected-IV construction (PIV) a simple, modular method for building variable-input-length tweakable ciphers. At our level of abstraction, many interesting design opportunities surface. For example, an obvious pathway to building beyond birthday-bound secure tweakable ciphers with performance competitive with existing birthday-bound-limited constructions. As part of our design s...
متن کاملXHX - A Framework for Optimally Secure Tweakable Block Ciphers from Classical Block Ciphers and Universal Hashing
Tweakable block ciphers are important primitives for designing cryptographic schemes with high security. In the absence of a standardized tweakable block cipher, constructions built from classical block ciphers remain an interesting research topic in both theory and practice. Motivated by Mennink’s F̃ [2] publication from 2015, Wang et al. proposed 32 optimally secure constructions at ASIACRYPT’...
متن کاملLinear Cryptanalysis: Key Schedules and Tweakable Block Ciphers
This paper serves as a systematization of knowledge of linear cryptanalysis and provides novel insights in the areas of key schedule design and tweakable block ciphers. We examine in a step by step manner the linear hull theorem in a general and consistent setting. Based on this, we study the influence of the choice of the key scheduling on linear cryptanalysis, a – notoriously difficult – but ...
متن کامل