Skip to main content
SpringerLink
Log in
Book cover

Cryptographers’ Track at the RSA Conference

CT-RSA 2022: Topics in Cryptology – CT-RSA 2022 pp 511–536Cite as

Pholkos – Efficient Large-State Tweakable Block Ciphers from the AES Round Function

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 13161))

Abstract

This paper proposes Pholkos, a family of heavyweight tweakable block ciphers with state and key sizes of \({\ge }256\) and tweaks of either 128 or 256 bits. When encrypting large chunks of data under the same key, modes with Pholkos do not require “beyond-birthday security” since it provides “bigger birthday security”. This also makes it a good choice for quantum-secure authenticated encryption modes like QCB. Pholkos runs at 1–2 cycles per byte on Intel 6-th generation and more recent, following design principles from Haraka, AESQ, and the TWEAKEY framework. Building on the AES round function not only boosts software performance but also improves security, employing knowledge from two decades of cryptanalysis of the AES.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   89.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   119.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    Though, Grover’s algorithm does not parallelize well: when running q quantum cores, it still needs \(O(2^{n/2}/\sqrt{q})\) operations.

  2. 2.

    The code is freely available at https://gitlab.com/elist/pholkos.

References

  1. Augot, D., et al.: Initial recommendations of long-term secure post-quantum systems. Revision 1. Technical report (2015)

    Google Scholar 

  2. Bagheri, N., Mendel, F., Sasaki, Yu.: Improved rebound attacks on AESQ: core permutation of CAESAR candidate PAEQ. In: Liu, J.K., Steinfeld, R. (eds.) ACISP 2016, Part II. LNCS, vol. 9723, pp. 301–316. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-40367-0_19

    Chapter  Google Scholar 

  3. Bao, Z., Ding, L., Guo, J., Wang, H., Zhang, W.: Improved meet-in-the-middle preimage attacks against AES hashing modes. IACR Trans. Symmetric Cryptol. 2019(4), 318–347 (2019)

    Google Scholar 

  4. Bao, Z., et al.: Automatic search of meet-in-the-middle preimage attacks on AES-like hashing. In: Canteaut, A., Standaert, F.-X. (eds.) EUROCRYPT 2021, Part I. LNCS, vol. 12696, pp. 771–804. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-77870-5_27

    Chapter  Google Scholar 

  5. Bao, Z., Guo, J., Iwata, T., Minematsu, K.: ZOCB and ZOTR: tweakable blockcipher modes for authenticated encryption with full absorption. ToSC 2019(2), 1–54 (2019)

    Article  Google Scholar 

  6. Bardeh, N.G., Rønjom, S.: Practical attacks on reduced-round AES. In: Buchmann, J., Nitaj, A., Rachidi, T. (eds.) AFRICACRYPT 2019. LNCS, vol. 11627, pp. 297–310. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-23696-0_15

    Chapter  Google Scholar 

  7. Bardeh, N.G., Rønjom, S.: The exchange attack: how to distinguish six rounds of AES with \(2^{88.2}\)chosen plaintexts. In: Galbraith, S.D., Moriai, S. (eds.) ASIACRYPT 2019, Part III. LNCS, vol. 11923, pp. 347–370. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-34618-8_12

    Chapter  Google Scholar 

  8. Beierle, C., et al.: Alzette: a 64-bit ARX-box. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020, Part III. LNCS, vol. 12172, pp. 419–448. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-56877-1_15

    Chapter  Google Scholar 

  9. Daniel, J.: Bernstein. Some Challenges in Heavyweight Cipher Design, Technical report (2016)

    Google Scholar 

  10. Bhargavan, K., Leurent, G.: On the practical (In-)security of 64-bit block ciphers: collision attacks on HTTP over TLS and OpenVPN. In: ACM CCS, pp. 456–467 (2016)

    Google Scholar 

  11. Bhaumik, R., et al.: QCB: efficient quantum-secure authenticated encryption. In: Tibouchi, M., Wang, H. (eds.) ASIACRYPT 2021. LNCS, vol. 13090. Springer, CHam (2021). https://doi.org/10.1007/978-3-030-92062-3_23

    Chapter  Google Scholar 

  12. Biham, E., Biryukov, A., Dunkelman, O., Richardson, E., Shamir, A.: Initial observations on skipjack: cryptanalysis of Skipjack-3XOR. In: Tavares, S., Meijer, H. (eds.) SAC 1998. LNCS, vol. 1556, pp. 362–375. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48892-8_27

    Chapter  Google Scholar 

  13. Biham, E., Biryukov, A., Shamir, A.: Cryptanalysis of Skipjack reduced to 31 rounds using impossible differentials. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 12–23. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_2

    Chapter  Google Scholar 

  14. Biham, E., Dunkelman, O., Keller, N.: The rectangle attack—rectangling the Serpent. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 340–357. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44987-6_21

    Chapter  Google Scholar 

  15. Biham, E., Dunkelman, O., Keller, N.: New results on boomerang and rectangle attacks. In: Daemen, J., Rijmen, V. (eds.) FSE 2002. LNCS, vol. 2365, pp. 1–16. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45661-9_1

    Chapter  Google Scholar 

  16. Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. In: Menezes, A.J., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 2–21. Springer, Heidelberg (1991). https://doi.org/10.1007/3-540-38424-3_1

    Chapter  Google Scholar 

  17. Biryukov, A., Khovratovich, D.: PAEQ: parallelizable permutation-based authenticated encryption. In: Chow, S.S.M., Camenisch, J., Hui, L.C.K., Yiu, S.M. (eds.) ISC 2014. LNCS, vol. 8783, pp. 72–89. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-13257-0_5

    Chapter  Google Scholar 

  18. Biryukov, A., Khovratovich. D.: PAEQ v1. Technical report, 2nd-round Submission to the CAESAR competition (2014)

    Google Scholar 

  19. Biryukov, A., Khovratovich, D., Perrin, L.: Multiset-algebraic cryptanalysis of reduced Kuznyechik, Khazad, and secret SPNs. ToSC 2016(2), 226–247 (2016)

    Google Scholar 

  20. Biryukov, A., Nikolić, I.: Automatic search for related-key differential characteristics in byte-oriented block ciphers: application to AES, Camellia, Khazad and Others. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 322–344. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13190-5_17

    Chapter  MATH  Google Scholar 

  21. Biryukov, A., Shamir, A.: Structural cryptanalysis of SASAS. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 395–405. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44987-6_24

    Chapter  Google Scholar 

  22. Biryukov, A., Wagner, D.: Slide attacks. In: Knudsen, L. (ed.) FSE 1999. LNCS, vol. 1636, pp. 245–259. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48519-8_18

    Chapter  Google Scholar 

  23. Biryukov, A., Wagner, D.: Advanced slide attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 589–606. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-45539-6_41

    Chapter  Google Scholar 

  24. Bogdanov, A., Rijmen, V.: Linear hulls with correlation zero and linear cryptanalysis of block ciphers. Des. Codes Crypt. 70(3), 369–383 (2012). https://doi.org/10.1007/s10623-012-9697-z

    Article  MathSciNet  MATH  Google Scholar 

  25. Boura, C., Canteaut, A.: Another view of the division property. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part I. LNCS, vol. 9814, pp. 654–682. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53018-4_24

    Chapter  Google Scholar 

  26. Canteaut, A., et al.: Saturnin: a suite of lightweight symmetric algorithms for post-quantum security. ToSC 2020(S1), 160–207 (2020)

    Article  Google Scholar 

  27. Chakraborti, A., Datta, N., Jha, A., Mancillas-López, C., Nandi, M., Sasaki, Yu.: Elastic-Tweak: A Framework for Short Tweak Tweakable Block Cipher. IACR ePrint 2019/440 (2019)

    Google Scholar 

  28. Chen, L., et al.: Report on Post-Quantum Cryptography. NISTIR, 8105 (2016)

    Google Scholar 

  29. Cid, C., Huang, T., Peyrin, T., Sasaki, Yu., Song, L.: Boomerang connectivity table: a new cryptanalysis tool. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018, Part II. LNCS, vol. 10821, pp. 683–714. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78375-8_22

    Chapter  Google Scholar 

  30. Cogliati, B., Lee, J., Seurin, Y.: New constructions of MACs from (tweakable) block ciphers. ToSC 2, 27/2017-58 (2017)

    Google Scholar 

  31. Daemen, J., Knudsen, L., Rijmen, V.: The block cipher square. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 149–165. Springer, Heidelberg (1997). https://doi.org/10.1007/BFb0052343

    Chapter  Google Scholar 

  32. Daemen, J., Lamberger, M., Pramstaller, N., Rijmen, V., Vercauteren, F.: Computational aspects of the expected differential probability of 4-round AES and AES-like ciphers. Computing 85(1–2), 85–104 (2009). https://doi.org/10.1007/s00607-009-0034-y

    Article  MathSciNet  MATH  Google Scholar 

  33. Daemen, J., Rijmen, V.: The Design of Rijndael: AES - The Advanced Encryption Standard (2002)

    Google Scholar 

  34. Demirci, H., Selçuk, A.A.: A meet-in-the-middle attack on 8-round AES. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 116–126. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-71039-4_7

    Chapter  Google Scholar 

  35. Derbez, P., Fouque, P.-A., Jean, J.: Improved key recovery attacks on reduced-round, in the single-key setting. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 371–387. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38348-9_23

    Chapter  MATH  Google Scholar 

  36. Dinu, D., Perrin, L., Udovenko, A., Velichkov, V., Großschädl, J., Biryukov, A.: Design strategies for ARX with provable bounds: Sparx and LAX. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016, Part I. LNCS, vol. 10031, pp. 484–513. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53887-6_18

    Chapter  Google Scholar 

  37. Dobraunig, C., Eichlseder, M., Mendel, F.: Square attack on 7-round Kiasu-BC. In: Manulis, M., Sadeghi, A.-R., Schneider, S. (eds.) ACNS 2016. LNCS, vol. 9696, pp. 500–517. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-39555-5_27

    Chapter  Google Scholar 

  38. Dobraunig, C., List, E.: Impossible-differential and Boomerang cryptanalysis of round-reduced Kiasu-BC. In: Handschuh, H. (ed.) CT-RSA 2017. LNCS, vol. 10159, pp. 207–222. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-52153-4_12

    Chapter  Google Scholar 

  39. Drucker, N., Gueron, S., Krasnov, V.: Making AES great again: the forthcoming vectorized AES instruction. In: Latifi, S. (ed.) 16th International Conference on Information Technology-New Generations (ITNG 2019). AISC, vol. 800, pp. 37–41. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-14070-0_6

    Chapter  Google Scholar 

  40. Dunkelman, O., Keller, N., Lasry, N., Shamir, A.: New Slide Attacks on Almost Self-Similar Ciphers. IACR ePrint 2019/509 (2019)

    Google Scholar 

  41. Dunkelman, O., Keller, N., Shamir, A.: Improved single-key attacks on 8-round AES-192 and AES-256. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 158–176. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17373-8_10

    Chapter  Google Scholar 

  42. Ferguson, N., et al.: The Skein hash function family. 3rd-round submission to the NIST SHA-3 competition, p. 100 (2010)

    Google Scholar 

  43. Gilbert, H., Minier, M.: A collision attack on 7 rounds of Rijndael. In: The Third AES Candidate Conference, pp. 230–241 (2000)

    Google Scholar 

  44. Grassi, L.: Mixture differential cryptanalysis: a new approach to distinguishers and attacks on round-reduced AES. ToSC 2018(2), 133–160 (2018)

    Article  Google Scholar 

  45. Grassi, L.: Probabilistic mixture differential cryptanalysis on round-reduced AES. In: Paterson, K.G., Stebila, D. (eds.) SAC 2019. LNCS, vol. 11959, pp. 53–84. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-38471-5_3

    Chapter  Google Scholar 

  46. Grover, LK.: A fast quantum mechanical algorithm for database search. In: STOC, pp. 212–219 (1996)

    Google Scholar 

  47. Gueron, S., Mouha, N.: Simpira v2: a family of efficient permutations using the AES round function. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016, Part I. LNCS, vol. 10031, pp. 95–125. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53887-6_4

    Chapter  Google Scholar 

  48. Indesteege, S., et al.: The LANE hash function. In: Handschuh, H., Lucks, S., Preneel, B., Rogaway, P. (eds.) Symmetric Cryptography, 11 January – 16 January 2009, Dagstuhl Seminar Proceedings, vol. 09031 (2009)

    Google Scholar 

  49. Intel. Intel architecture instruction set extensions programming reference (2017). https://software.intel.com/sites/default/files/managed/c5/15/architecture-instruction-set-extensions-programming-reference.pdf

  50. Intel. Intrinsics guide (2019). https://software.intel.com/sites/landingpage/IntrinsicsGuide

  51. Iwata, T., Minematsu, K., Peyrin, T., Seurin, Y.: ZMAC: a fast tweakable block cipher mode for highly secure message authentication. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part III. LNCS, vol. 10403, pp. 34–65. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63697-9_2

    Chapter  Google Scholar 

  52. Jean, J.: Cryptanalysis of Haraka. ToSC 2016(1), 1–12 (2016)

    Article  Google Scholar 

  53. Jean, J., Nikolić, I.: Efficient design strategies based on the AES round function. In: Peyrin, T. (ed.) FSE 2016. LNCS, vol. 9783, pp. 334–353. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-52993-5_17

    Chapter  Google Scholar 

  54. Jean, J., Nikolić, I., Peyrin, T.: Tweaks and keys for block ciphers: the TWEAKEY framework. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014, Part II. LNCS, vol. 8874, pp. 274–288. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45608-8_15

    Chapter  Google Scholar 

  55. Nakahara, J.: 3D: a three-dimensional block cipher. In: Franklin, M.K., Hui, L.C.K., Wong, D.S. (eds.) CANS 2008. LNCS, vol. 5339, pp. 252–267. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-89641-8_18

    Chapter  Google Scholar 

  56. Kaplan, M., Leurent, G., Leverrier, A., Naya-Plasencia, M.: Breaking symmetric cryptosystems using quantum period finding. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part II. LNCS, vol. 9815, pp. 207–237. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53008-5_8

    Chapter  Google Scholar 

  57. Kaplan, M., Leurent, G., Leverrier, A., Naya-Plasencia, M.: Quantum differential and linear cryptanalysis. ToSC 2016(1), 71–94 (2016)

    Article  Google Scholar 

  58. Khoo, K., Lee, E., Peyrin, T., Sim, S.M.: Human-readable proof of the related-key security of AES-128. ToSC 2017(2), 59–83 (2017)

    Article  Google Scholar 

  59. Kölbl, S., Lauridsen, M.M., Mendel, F., Rechberger, C.: Haraka - Efficient Short-Input Hashing for Post-Quantum Applications. IACR ePrint 2016/98 (2016)

    Google Scholar 

  60. Kölbl, S., Lauridsen, M.M., Mendel, F., Rechberger, C.: Haraka v2 - efficient short-input hashing for post-quantum applications. ToSC 2016(2), 1–29 (2016)

    Google Scholar 

  61. Kranz, T., Leander, G., Wiemer, F.: Linear cryptanalysis: key schedules and tweakable block ciphers. ToSC 2017(1), 474–505 (2017)

    Article  Google Scholar 

  62. Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48285-7_33

    Chapter  Google Scholar 

  63. McGrew, D.A., Viega, J.: The security and performance of the Galois/counter mode (GCM) of operation. In: Canteaut, A., Viswanathan, K. (eds.) INDOCRYPT 2004. LNCS, vol. 3348, pp. 343–355. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30556-9_27

    Chapter  Google Scholar 

  64. Nikolić, I.: Tiaoxin - 346. 3rd-round Submission to the CAESAR competition (2016)

    Google Scholar 

  65. NIST. Advanced Encryption Standard (AES). Federal Information Processing Standards (FIPS) Publication 197 (2001)

    Google Scholar 

  66. Oliynykov, R., Gorbenko, I., Kazymyrov, O., Ruzhentsev, V., et al.: A New Encryption Standard of Ukraine: The Kalyna Block Cipher. IACR ePrint 2015/650 (2015)

    Google Scholar 

  67. Peyrin, T.: Tweakable Block Cipher-Based Cryptography (2020)

    Google Scholar 

  68. Peyrin, T., Seurin, Y.: Counter-in-tweak: authenticated encryption modes for tweakable block ciphers. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part I. LNCS, vol. 9814, pp. 33–63. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53018-4_2

    Chapter  MATH  Google Scholar 

  69. Peyrin, T., Wang, H.: The MALICIOUS framework: embedding backdoors into tweakable block ciphers. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020, Part III. LNCS, vol. 12172, pp. 249–278. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-56877-1_9

    Chapter  Google Scholar 

  70. Rahman, M., Saha, D., Paul, G.: Boomeyong: embedding Yoyo within Boomerang and its applications to key recovery attacks on AES and Pholkos. IACR Trans. Symmetric Cryptol. 2021(3), 137–169 (2021)

    Article  Google Scholar 

  71. Rijmen, V., Barreto, P.S.L.M.: The Anubis block cipher. Submission to NESSIE (2000)

    Google Scholar 

  72. Rogaway, P., Bellare, M., Black, J.: OCB: A block-cipher mode of operation for efficient authenticated encryption. TISSEC 6(3), 365–403 (2003)

    Article  Google Scholar 

  73. Rønjom, S., Bardeh, N.G., Helleseth, T.: Yoyo tricks with AES. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017, Part I. LNCS, vol. 10624, pp. 217–243. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70694-8_8

    Chapter  Google Scholar 

  74. Saha, D., Kakarla, S., Mandava, S., Chowdhury, D.R.: Gain: practical key-recovery attacks on round-reduced PAEQ. J. Hardw. Syst. Secur. 1(3), 282–296 (2017)

    Article  Google Scholar 

  75. Saha, D., Rahman, M., Paul, G.: New Yoyo tricks with AES-based permutations. ToSC 2018(4), 102–127 (2018)

    Article  Google Scholar 

  76. Sakamoto, K., Liu, F., Nakano, Y., Kiyomoto, S., Isobe, T.: Rocca: an efficient AES-based encryption scheme for beyond 5G. IACR Trans. Symmetric Cryptol. 2021(2), 1–30 (2021)

    Article  Google Scholar 

  77. Sasaki, Yu.: Improved related-Tweakey Boomerang attacks on Deoxys-BC. In: Joux, A., Nitaj, A., Rachidi, T. (eds.) AFRICACRYPT 2018. LNCS, vol. 10831, pp. 87–106. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-89339-6_6

    Chapter  Google Scholar 

  78. Shiba, R., Sakamoto, K., Isobe, T.: Efficient constructions for large-state block ciphers based on AES New Instructions. IET Inf. Secur. 2021, 1–16 (2021). https://doi.org/10.1049/ise2.12053

    Article  Google Scholar 

  79. Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput. 26(5), 1484–1509 (1997)

    Article  MathSciNet  Google Scholar 

  80. Song, L., Qin, X., Lei, H.: Boomerang connectivity table revisited. Appl. SKINNY AES. ToSC 2019(1), 118–141 (2019)

    Google Scholar 

  81. Sun, B., Liu, M., Guo, J., Rijmen, V., Li, R.: Provable security evaluation of structures against impossible differential and zero correlation linear cryptanalysis. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016, Part I. LNCS, vol. 9665, pp. 196–213. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49890-3_8

    Chapter  Google Scholar 

  82. Sun, B., et al.: Links among impossible differential, integral and zero correlation linear cryptanalysis. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015, Part I. LNCS, vol. 9215, pp. 95–115. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-47989-6_5

    Chapter  Google Scholar 

  83. Todo, Y.: Structural evaluation by generalized integral property. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015, Part I. LNCS, vol. 9056, pp. 287–314. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46800-5_12

    Chapter  Google Scholar 

  84. Wagner, D.: The Boomerang attack. In: Knudsen, L. (ed.) FSE 1999. LNCS, vol. 1636, pp. 156–170. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48519-8_12

    Chapter  Google Scholar 

  85. Wang, Q., Jin, C.: Upper bound of the length of truncated impossible differentials for AES. Des. Codes Crypt. 86(7), 1541–1552 (2017). https://doi.org/10.1007/s10623-017-0411-z

    Article  MathSciNet  MATH  Google Scholar 

  86. Wang, Q., Jin, C.: More accurate results on the provable security of AES against impossible differential cryptanalysis. Des. Codes Crypt. 87(12), 3001–3018 (2019). https://doi.org/10.1007/s10623-019-00660-7

    Article  MathSciNet  MATH  Google Scholar 

  87. Wu, H., Preneel, B.: AEGIS: A Fast Authenticated Encryption Algorithm (v1.1). 3rd-round submission to the CAESAR competition (2015)

    Google Scholar 

Download references

Acknowledgments

We are highly thankful for the fruitful discussions with Maria Eichlseder, Lorenzo Grassi, Reinhard Lüftenegger, Christian Rechberger, and Markus Schofnegger and that from the comments by the anonymous reviewers of SAC 2021 and CT-RSA 2022. Parts of the research leading to these results was made possible by DFG Grant LU 608/9-1.

Author information

Authors and Affiliations

  1. Bauhaus-Universität Weimar, Weimar, Germany

    Jannis Bossert, Eik List, Stefan Lucks & Sebastian Schmitz

Authors
  1. Jannis Bossert
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Eik List
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Stefan Lucks
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Sebastian Schmitz
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jannis Bossert .

Editor information

Editors and Affiliations

  1. University of Auckland, Auckland, New Zealand

    Steven D. Galbraith

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Bossert, J., List, E., Lucks, S., Schmitz, S. (2022). Pholkos – Efficient Large-State Tweakable Block Ciphers from the AES Round Function. In: Galbraith, S.D. (eds) Topics in Cryptology – CT-RSA 2022. CT-RSA 2022. Lecture Notes in Computer Science(), vol 13161. Springer, Cham. https://doi.org/10.1007/978-3-030-95312-6_21

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-95312-6_21

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-95311-9

  • Online ISBN: 978-3-030-95312-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation