On the Composition of Single-Keyed Tweakable Even-Mansour for Achieving BBB Security
Observing the growing popularity of random permutation (RP)-based designs (e.g., Sponge), Bart Mennink at CRYPTO 2019 initiated an interesting line of research on RP-based pseudorandom functions (PRFs). Both of his constructions are claimed to achieve beyond-the-birthday-bound (BBB) security of 2n/3 bits (n being the input block size in bits), but they require two instances of RPs and can handle only one-block inputs. In this work, we extend research in this direction by providing two new BBB-secure constructions obtained by composing the tweakable Even-Mansour construction appropriately. Our first construction requires only one instance of an RP and only one key. Our second construction extends the first to a nonce-based Message Authentication Code (MAC), using a universal hash to deal with multi-block inputs. We show that the hash key can be derived from the original key when the underlying hash is the Poly hash. We provide matching attacks for both constructions to demonstrate the tightness of the proven security bounds.

Main Authors: | Avik Chakraborti (Indian Statistical Institute, Kolkata, India; NTT Secure Platform Laboratories, Tokyo, Japan), Mridul Nandi (Indian Statistical Institute, Kolkata, India), Suprita Talnikar (Indian Statistical Institute, Kolkata, India), Kan Yasuda (NTT Secure Platform Laboratories, Tokyo, Japan) |
---|---|
Format: | Article |
Language: | English |
Published: | Ruhr-Universität Bochum, 2020-07-01 |
Series: | IACR Transactions on Symmetric Cryptology (ISSN 2519-173X), Volume 2020, Issue 2, pp. 1-39 |
DOI: | 10.13154/tosc.v2020.i2.1-39 |
Subjects: | PDMMAC; Davies-Meyer; PRF; MAC; permutation; beyond the birthday bound security |
Online Access: | https://tosc.iacr.org/index.php/ToSC/article/view/8667 |
Record: | DOAJ (Directory of Open Access Journals), doaj.art-8b0947599a264d6582cc1fa035115d0e |
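The two primitives the abstract names, the Poly hash and the tweakable Even-Mansour (TEM) construction, as an added Python example that is not part of this record or of the paper. It builds a Poly hash over GF(2^128), a TEM over a fixed public permutation (an 8-round SHA-256 Feistel network stands in for the random permutation P), and composes them into a generic hash-then-TEM nonce-based tag to make concrete how a universal hash reduces a multi-block message to one block ahead of a one-block primitive. The tweak mask H_K(T) = K·T, the hash-key derivation L = P(K) ⊕ K, the stand-in permutation and the final composition are all illustrative assumptions: this is not the paper's PDMMAC, and a single TEM call used this way only reaches the birthday bound, not the paper's 2n/3-bit bound.

```python
"""Poly hash over GF(2^128) and a tweakable Even-Mansour permutation.

Added illustration of the primitives named in the abstract. Permutation,
tweak mask, hash-key derivation and final tag are illustrative choices
(assumptions), not the paper's PDMMAC construction.
"""
from __future__ import annotations

import hashlib

N = 128                          # block size n in bits
BLOCK_MASK = (1 << N) - 1
HALF_MASK = (1 << 64) - 1
# GF(2^128) defined by x^128 + x^7 + x^2 + x + 1 (the AES-GCM / XTS field).
REDUCTION = (1 << N) | 0x87
ROUNDS = 8


def gf_mul(a: int, b: int) -> int:
    """Carry-less multiplication of a and b reduced modulo REDUCTION."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        b >>= 1
        a <<= 1
        if a >> N:               # degree reached 128: subtract the modulus
            a ^= REDUCTION
    return result


def pad_blocks(msg: bytes) -> list[int]:
    """Injective 10* padding to a multiple of n bits, split into n-bit ints."""
    padded = msg + b"\x80"
    padded += b"\x00" * (-len(padded) % (N // 8))
    return [int.from_bytes(padded[i:i + 16], "big")
            for i in range(0, len(padded), 16)]


def poly_hash(hkey: int, msg: bytes) -> int:
    """Poly hash m_1*L^l + m_2*L^(l-1) + ... + m_l*L in GF(2^n), Horner form.

    Almost-XOR-universal with differential probability about l/2^n for
    l-block messages: this is what compresses multi-block input to one block.
    """
    h = 0
    for m in pad_blocks(msg):
        h = gf_mul(h ^ m, hkey)
    return h


def _round(i: int, half: int) -> int:
    """Keyless Feistel round function (assumption: SHA-256 as a fixed mixer)."""
    data = bytes([i]) + half.to_bytes(8, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:8], "big")


def perm(x: int) -> int:
    """Fixed public 128-bit permutation standing in for the RP P."""
    left, right = x >> 64, x & HALF_MASK
    for i in range(ROUNDS):
        left, right = right, left ^ _round(i, right)
    return (left << 64) | right


def perm_inv(y: int) -> int:
    """Inverse of perm, so tem() below is a genuine tweakable permutation."""
    left, right = y >> 64, y & HALF_MASK
    for i in reversed(range(ROUNDS)):
        left, right = right ^ _round(i, left), left
    return (left << 64) | right


def tem(key: int, tweak: int, x: int) -> int:
    """Tweakable Even-Mansour: y = P(x ^ H_K(T)) ^ H_K(T) with H_K(T) = K*T.

    K*T is XOR-universal over distinct non-zero tweaks; a zero tweak gives a
    key-independent mask of 0 for every key, so it is rejected here.
    """
    if not 0 < tweak <= BLOCK_MASK:
        raise ValueError("tweak must be a non-zero n-bit value")
    mask = gf_mul(key, tweak)
    return perm(x ^ mask) ^ mask


def tem_inv(key: int, tweak: int, y: int) -> int:
    """Inverse TEM call, used to check the tweakable permutation property."""
    mask = gf_mul(key, tweak)
    return perm_inv(y ^ mask) ^ mask


def derive_hash_key(key: int) -> int:
    """Single-key idea: derive the Poly key L from K through the RP.
    Assumed form L = P(K) ^ K; the paper's own derivation is not on this page."""
    return perm(key) ^ key


def hash_then_tem_tag(key: int, nonce: int, msg: bytes) -> int:
    """Generic nonce-based tag: Poly-hash the message to one block, then one
    TEM call with the nonce as tweak. Birthday-bound only; shown to make the
    composition pattern concrete, not as the paper's MAC."""
    return tem(key, nonce, poly_hash(derive_hash_key(key), msg))
```

Run the block and call `hash_then_tem_tag(key, nonce, msg)` with a 128-bit key and a non-zero 128-bit nonce; `tem_inv` is there only to verify that `tem` is a permutation for each fixed tweak, which is the property the Even-Mansour mask is meant to preserve.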