CTET+: A Beyond-Birthday-Bound Secure Tweakable Enciphering Scheme Using a Single Pseudorandom Permutation

In this work, we propose a construction of 2-round tweakable substitution-permutation networks using a single secret S-box. This construction is based on non-linear permutation layers using independent round keys, and achieves security beyond the birthday bound in the random permutation model. When instantiated with an n-bit block cipher with ωn-bit keys, the resulting tweakable block cipher, dubbed CTET+, can be viewed as a tweakable enciphering scheme that encrypts ωκ-bit messages for any integer ω ≥ 2 using 5n + κ-bit keys and n-bit tweaks, providing 2n/3-bit security. Compared to the 2-round non-linear SPN analyzed in [CDK+18], we both minimize it by requiring a single permutation, and weaken the requirements on the middle linear layer, allowing better performance. As a result, CTET+ becomes the first tweakable enciphering scheme that provides beyond-birthday-bound security using a single permutation, while its efficiency is still comparable to existing schemes including AES-XTS, EME, XCB and TET. Furthermore, we propose a new tweakable enciphering scheme, dubbed AES6-CTET+, which is an actual instantiation of CTET+ using a reduced-round AES block cipher as the underlying secret S-box. Extensive cryptanalysis of this algorithm allows us to claim 127 bits of security. Such tweakable enciphering schemes with huge block sizes become desirable in the context of disk encryption, since processing a whole sector as a single block significantly worsens the granularity for attackers when compared to, for example, AES-XTS, which treats every 16-byte block on the disk independently. Besides, as a huge amount of data is being stored and encrypted at rest under many different keys in clouds, beyond-birthday-bound security will most likely become necessary in the short term.

Bibliographic Details
Main authors: Benoît Cogliati, Jordan Ethan, Virginie Lallemand, Byeonghak Lee, Jooyoung Lee, Marine Minier
Format: article
Language: EN
Published: Ruhr-Universität Bochum, 2021
Subjects: tweakable enciphering mode; SPN; beyond-birthday-bound security; Computer engineering. Computer hardware (TK7885-7895)
Online access: https://doaj.org/article/2edadb90ee6c48bebdfd14200ff2bf8d
Record id: oai:doaj.org-article:2edadb90ee6c48bebdfd14200ff2bf8d
DOI: 10.46586/tosc.v2021.i4.1-35
ISSN: 2519-173X
Journal: IACR Transactions on Symmetric Cryptology, Vol 2021, Iss 4 (2021)
Published online: 2021-12-01
Publisher URL: https://tosc.iacr.org/index.php/ToSC/article/view/9327
Journal table of contents: https://doaj.org/toc/2519-173X