Paper published in a book (Scientific congresses, symposiums and conference proceedings)
Provable Security of (Tweakable) Block Ciphers Based on Substitution-Permutation Networks
Cogliati, Benoît-Michel; Dodis, Yevgeniy; Katz, Jonathan et al.
2018In Provable Security of (Tweakable) Block Ciphers Based on Substitution-Permutation Networks
Peer reviewed
 

Files


Full Text
spn-bbb.pdf
Author postprint (655.73 kB)
Download

© IACR 2018. This article is the final version submitted by the author(s) to the IACR and to Springer-Verlag on 2018-06-10. The version published by Springer-Verlag is available at 10.1007/978-3-319-96884-1\_24


All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
substitution-permutation networks; tweakable block ciphers; domain extension of block ciphers; beyond-birthday-bound security
Abstract :
[en] Substitution-Permutation Networks (SPNs) refer to a family of constructions which build a wn-bit block cipher from n-bit public permutations (often called S-boxes), which alternate keyless and “local” substitution steps utilizing such S-boxes, with keyed and “global” permu- tation steps which are non-cryptographic. Many widely deployed block ciphers are constructed based on the SPNs, but there are essentially no provable-security results about SPNs. In this work, we initiate a comprehensive study of the provable security of SPNs as (possibly tweakable) wn-bit block ciphers, when the underlying n-bit permutation is modeled as a public random permutation. When the permutation step is linear (which is the case for most existing designs), we show that 3 SPN rounds are necessary and sufficient for security. On the other hand, even 1-round SPNs can be secure when non-linearity is allowed. Moreover, 2-round non-linear SPNs can achieve “beyond- birthday” (up to 2 2n/3 adversarial queries) security, and, as the number of non-linear rounds increases, our bounds are meaningful for the number of queries approaching 2 n . Finally, our non-linear SPNs can be made tweakable by incorporating the tweak into the permutation layer, and provide good multi-user security. As an application, our construction can turn two public n-bit permuta- tions (or fixed-key block ciphers) into a tweakable block cipher working on wn-bit inputs, 6n-bit key and an n-bit tweak (for any w ≥ 2); the tweakable block cipher provides security up to 2 2n/3 adversarial queries in the random permutation model, while only requiring w calls to each permutation, and 3w field multiplications for each wn-bit input.
Disciplines :
Computer science
Author, co-author :
Cogliati, Benoît-Michel ;  University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
Dodis, Yevgeniy;  New York University, USA
Katz, Jonathan;  University of Maryland, USA
Lee, Jooyoung;  KAIST, Korea
Steinberger, John
Thiruvengadam, Aishwarya;  University of California, Santa Barbara
Zhang, Zhe;  Tsinghua University, Beijing
External co-authors :
yes
Language :
English
Title :
Provable Security of (Tweakable) Block Ciphers Based on Substitution-Permutation Networks
Publication date :
2018
Event name :
CRYPTO 2018
Event date :
August 19-23, 2018
Main work title :
Provable Security of (Tweakable) Block Ciphers Based on Substitution-Permutation Networks
Peer reviewed :
Peer reviewed
Focus Area :
Security, Reliability and Trust
European Projects :
H2020 - 644209 - HEAT - Homomorphic Encryption Applications and Technology
Funders :
CE - Commission Européenne [BE]
Available on ORBilu :
since 29 January 2020

Statistics


Number of views
56 (0 by Unilu)
Number of downloads
197 (0 by Unilu)

Scopus citations®
 
14
Scopus citations®
without self-citations
12
OpenCitations
 
12
WoS citations
 
15

Bibliography


Similar publications



Contact ORBilu