Nothing Special   »   [go: up one dir, main page]

What a lovely hat

Is it made out of tin foil?

Paper 2023/1242

Cascading Four Round LRW1 is Beyond Birthday Bound Secure

Nilanjan Datta, Institute for Advancing Intelligence, TCG CREST
Shreya Dey, Institute for Advancing Intelligence, TCG CREST
Avijit Dutta, Institute for Advancing Intelligence, TCG CREST
Sougata Mandal
Abstract

In CRYPTO'02, Liskov et al. have introduced a new symmetric key primitive called tweakable block cipher. They have proposed two constructions of designing a tweakable block cipher from block ciphers. The first proposed construction is called $\mathsf{LRW1}$ and the second proposed construction is called $\mathsf{LRW2}$. Although, $\mathsf{LRW2}$ has been extended in later works to provide beyond birthday bound security (e.g., cascaded $\mathsf{LRW2}$ in CRYPTO'12 by Landecker et al.), but extension of the $\mathsf{LRW1}$ has received no attention until the work of Bao et al. in EUROCRYPT'20, where the authors have shown that one round extension of $\mathsf{LRW1}$, i.e., masking the output of $\mathsf{LRW1}$ with the given tweak and then re-encrypting it with the same block cipher, gives security up to $2^{2n/3}$ queries. Recently, Khairallah has shown a birthday bound distinguishing attack on the construction and hence invalidated the security claim of Bao et al. This has led to the open research question, that {\em how many round are required for cascading $\mathsf{LRW1}$ to achieve beyond birthday bound security ?} In this paper, we have shown that cascading $\mathsf{LRW1}$ up to four rounds is sufficient for ensuring beyond the birthday bound security. In particular, we have shown that $\mathsf{CLRW1}^4$ provides security up to $2^{3n/4}$ queries. Security analysis of our construction is based on the recent development of the mirror theory technique for tweakable random permutations under the framework of the Expectation Method.

Note: The previous version of this work provides $2n/3$-bit security of $\mathsf{CLRW1}^4$. In this version, we have improved the security up to $3n/4$-bit.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint.
Keywords
Tweakable Block CipherMirror TheoryBlock CipherExpectation Method$\mathsf{TNT}$
Contact author(s)
nilanjan datta @ tcgcrest org
exhilarant shreya dey @ gmail com
avirocks dutta13 @ gmail com
sougatamandal2014 @ gmail com
History
2023-08-24: revised
2023-08-16: received
See all versions
Short URL
https://ia.cr/2023/1242
License
No rights reserved
CC0

BibTeX

@misc{cryptoeprint:2023/1242,
      author = {Nilanjan Datta and Shreya Dey and Avijit Dutta and Sougata Mandal},
      title = {Cascading Four Round {LRW1} is Beyond Birthday Bound Secure},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1242},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1242}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.