[Resource Topic] 2022/1445: Minimizing Even-Mansour Ciphers for Sequential Indifferentiability (Without Key Schedules)

Welcome to the resource topic for 2022/1445

Title:
Minimizing Even-Mansour Ciphers for Sequential Indifferentiability (Without Key Schedules)

Authors: Shanjie Xu, Qi Da, Chun Guo

Abstract:

Iterated Even-Mansour (IEM) schemes consist of a small number of fixed permutations separated by round key additions. They enjoy provable security, assuming the permutations are public and random. In particular, regarding chosen-key security in the sense of sequential indifferentiability (seq-indifferentiability), Cogliati and Seurin (EUROCRYPT 2015) showed that without key schedule functions, the 4-round Even-Mansour with Independent Permutations and no key schedule $EMIP_4(k,u) = k \oplus p_4(k \oplus p_3(k \oplus p_2(k \oplus p_1(k \oplus u))))$ is sequentially indifferentiable.
Minimizing IEM variants for classical strong (tweakable) pseudorandom security has stimulated an attractive line of research. In this paper, we seek to minimize the $EMIP_4$ construction while retaining seq-indifferentiability. We first consider EMSP, a natural variant of EMIP using a single round permutation. Unfortunately, we exhibit a slide attack against EMSP with any number of rounds. In light of this, we show that the 4-round $EM2P_4^{p_1,p_2}(k,u) = k \oplus p_1(k \oplus p_2(k \oplus p_2(k \oplus p_1(k \oplus u))))$ using 2 independent random permutations $p_1, p_2$ is seq-indifferentiable. This provides the minimal seq-indifferentiable IEM without key schedule.

ePrint: https://eprint.iacr.org/2022/1445

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.
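
The following is an added example, not code from the paper or from this topic: a toy 8-bit model of the constructions named in the abstract, showing why a single round permutation is structurally weak. For EMSP with permutation p and any round count, the relation E(k, p(k ⊕ u)) ⊕ k = p(E(k, u)) follows directly from the formula and holds for every (k, u), while EM2P_4 satisfies it only by chance. The block size, seeds, and function names are assumptions, and the relation is derived here from the formulas; it is not claimed to be the paper's exact attack.

```python
import random

N_BITS = 8            # toy block size (assumption); the paper uses n-bit blocks
SIZE = 1 << N_BITS

def random_permutation(seed):
    """Constructed stand-in for a public random permutation on N_BITS bits."""
    table = list(range(SIZE))
    random.Random(seed).shuffle(table)
    return table

def iem(perms, k, u):
    """k ^ p_t(k ^ ... p_1(k ^ u)): the same key k is added in every round."""
    x = u
    for p in perms:
        x = p[k ^ x]
    return k ^ x

def iem_inverse(perms, k, v):
    """Invert iem() by undoing the rounds from last to first."""
    x = k ^ v
    for p in reversed(perms):
        x = k ^ p.index(x)
    return x

def slide_hits(perms, first):
    """Count pairs (k, u) with E(k, first(k ^ u)) ^ k == first(E(k, u))."""
    hits = 0
    for k in range(SIZE):
        for u in range(SIZE):
            slid = first[k ^ u]          # u advanced by one round
            if iem(perms, k, slid) ^ k == first[iem(perms, k, u)]:
                hits += 1
    return hits

P, P1, P2 = (random_permutation(s) for s in (1, 2, 3))  # constructed seeds

def emsp(rounds):
    """Single-permutation variant: the same p in every round."""
    return [P] * rounds

EM2P_4 = [P1, P2, P2, P1]   # round order p_1, p_2, p_2, p_1 from the abstract

if __name__ == "__main__":
    for t in (1, 4, 9):
        print(f"EMSP_{t}: {slide_hits(emsp(t), P)} / {SIZE * SIZE} pairs")
    print(f"EM2P_4: {slide_hits(EM2P_4, P1)} / {SIZE * SIZE} pairs")
```

A relation like this can be checked with a handful of queries and would hold for an ideal cipher only with negligible probability, which is why a construction meant to be seq-indifferentiable must not satisfy it.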