[Resource Topic] 2018/434: Towards Tight Security of Cascaded LRW2

Welcome to the resource topic for 2018/434

Towards Tight Security of Cascaded LRW2

Authors: Bart Mennink


The Cascaded LRW2 tweakable block cipher was introduced by Landecker et al. at CRYPTO 2012, and proven secure up to 2^{2n/3} queries. There has not been any attack on the construction faster than the generic attack in 2^n queries. In this work we initiate the quest towards a tight bound. We first present a distinguishing attack in 2n^{1/2}2^{3n/4} queries against a generalized version of the scheme. The attack is supported with an experimental verification and a formal success probability analysis. We subsequently discuss non-trivial bottlenecks in proving tight security, most importantly the distinguisher’s freedom in choosing the tweak values. Finally, we prove that if every tweak value occurs at most 2^{n/4} times, Cascaded LRW2 is secure up to 2^{3n/4} queries.

ePrint: https://eprint.iacr.org/2018/434

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .