[Resource Topic] 2018/488: Wide Tweakable Block Ciphers Based on Substitution-Permutation Networks: Security Beyond the Birthday Bound

Welcome to the resource topic for 2018/488

Title:
Wide Tweakable Block Ciphers Based on Substitution-Permutation Networks: Security Beyond the Birthday Bound

Authors: Benoît Cogliati, Jooyoung Lee

Abstract:

Substitution-Permutation Networks (SPNs) refer to a family of constructions which build a $wn$-bit (tweakable) block cipher from $n$-bit public permutations. Many widely deployed block ciphers are part of this family and rely on very small public permutations. Surprisingly, this structure has seen little theoretical interest when compared with Feistel networks, another high-level structure for block ciphers. This paper extends the work initiated by Dodis et al. in three directions; first, we make SPNs tweakable by allowing keyed tweakable permutations in the permutation layer, and prove their security as tweakable block ciphers. Second, we prove beyond-the-birthday-bound security for 2-round non-linear SPNs with independent S-boxes and independent round keys. Our bounds also tend towards optimal security $2^n$ (in terms of the number of threshold queries) as the number of rounds increases. Finally, all our constructions permit their security proofs in the multi-user setting. As an application of our results, SPNs can be used to build provably secure wide tweakable block ciphers from several public permutations, or from a block cipher. More specifically, our construction can turn two strong public $n$-bit permutations into a tweakable block cipher working on $wn$-bit blocks and using a $6n$-bit key and an $n$-bit tweak (for any $w \geq 2$); the tweakable block cipher provides security up to $2^{2n/3}$ adversarial queries in the random permutation model, while only requiring $w$ calls to each permutation and $3w$ field multiplications for each $wn$-bit block.

ePrint: https://eprint.iacr.org/2018/488

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.