Skip to main content

Advertisement

Springer Nature Link
Log in

Generalized Tweakable Even-Mansour Cipher and Its Applications

  • Regular Paper
  • Published:
Journal of Computer Science and Technology Aims and scope Submit manuscript

Abstract

This paper describes a generalized tweakable blockcipher HPH (Hash-Permutation-Hash), which is based on a public random permutation P and a family of almost-XOR-universal hash functions \( \mathcal{H}={\left\{ HK\right\}}_{K\in \mathcal{K}} \) as a tweak and key schedule, and defined as y = HPHK((t1, t2), x) = P(xHK(t1)) ⊕ HK(t2), where K is a key randomly chosen from a key space \( \mathcal{K} \), (t1, t2) is a tweak chosen from a valid tweak space \( \mathcal{T} \), x is a plaintext, and y is a ciphertext. We prove that HPH is a secure strong tweakable pseudorandom permutation (STPRP) by using H-coefficients technique. Then we focus on the security of HPH against multi-key and related-key attacks. We prove that HPH achieves both multi-key STPRP security and related-key STPRP security. HPH can be extended to wide applications. It can be directly applied to authentication and authenticated encryption modes. We apply HPH to PMAC1 and OPP, provide an improved authentication mode HPMAC and a new authenticated encryption mode OPH, and prove that the two modes achieve single-key security, multi-key security, and related-key security.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

Explore related subjects

Discover the latest articles, news and stories from top researchers in related subjects.

References

  1. Halevi S, Rogaway P. A tweakable enciphering mode. In Lecture Notes in Computer Science 2729, Boneh D (ed.), Springer-Verlag, 2003, pp.482-499.

  2. Liskov M, Rivest R L, Wagner D. Tweakable block ciphers. In Lecture Notes in Computer Science 2442, Yung M (ed.), Springer-Verlag, 2002, pp.31-46.

  3. Halevi S, Rogaway P. A parallelizable enciphering mode. In Lecture Notes in Computer Science 2964, Okamoto T (ed.), Springer-Verlag, 2004, pp.292-304.

  4. Rogaway P, Zhang H. Online ciphers from tweakable blockciphers. In Lecture Notes in Computer Science 6558, Kiayias A (ed.), Springer-Verlag, 2011, pp.237-249.

  5. Rogaway P. Efficient instantiations of tweakable blockciphers and refinements to modes OCB and PMAC. In Lecture Notes in Computer Science 3329, Lee P J (ed.), Springer-Verlag, 2004, pp.16-31.

  6. Landecker W, Shrimpton T, Terashima R S. Tweakable blockciphers with beyond birthday-bound security. In Lecture Notes in Computer Science 7417, Safavi-Naini R, Canetti R (eds.), Springer-Verlag, 2012, pp.14-30.

  7. Krovetz T, Rogaway P. The software performance of authenticated-encryption modes. In Lecture Notes in Computer Science 6733, Joux A (ed.), Springer-Verlag, 2011, pp.306-327.

  8. Andreeva E, Bogdanov A, Luykx A, Mennink B, Tischhauser E, Yasuda K. Parallelizable and authenticated online ciphers. In Lecture Notes in Computer Science 8269, Sako K, Sarkar P (eds.), Springer-Verlag, 2013, pp.424-443.

  9. Granger R, Jovanovic P, Mennink B, Neves S. Improved masking for tweakable blockciphers with applications to authenticated encryption. In Lecture Notes in Computer Science 9665, Fischlin M, Coron J S (eds.), Springer-Verlag, 2016, pp.263-293.

  10. Bossuet L, Datta N, Mancillas-López C, Nandi M. ELmD: A pipelineable authenticated encryption and its hardware implementation. IEEE Trans. Computers, 2016, 65(11): 3318-3331.

    Article  MathSciNet  Google Scholar 

  11. Chakraborty D, Sarkar P. On modes of operations of a block cipher for authentication and authenticated encryption. Cryptography and Communications, 2016, 8(4): 455-511.

    Article  MathSciNet  Google Scholar 

  12. Peyrin T, Seurin Y. Counter-in-Tweak: Authenticated encryption modes for tweakable block ciphers. In Lecture Notes in Computer Science 9814, Robshaw M, Katz J (eds.), Springer-Verlag, 2016, pp.33-63.

  13. Wang L, Guo J, Zhang G, Zhao J, Gu D. How to build fully secure tweakable blockciphers from classical blockciphers. In Lecture Notes in Computer Science 10031, Cheon J, Takagi T (eds.), Springer-Verlag, 2016, pp.455-483.

  14. Cogliati B, Lampe R, Seurin Y. Tweaking Even-Mansour ciphers. In Lecture Notes in Computer Science 9215, Gennaro R, Robshaw M (eds.), Springer-Verlag, 2015, pp.189-208.

  15. Cogliati B, Seurin Y. Beyond-birthday-bound security for tweakable Even-Mansour ciphers with linear tweak and key mixing. In Lecture Notes in Computer Science 9453, Iwata T, Cheon H (eds.), Springer-Verlag, 2015, pp.134-158.

  16. Mennink B. XPX: Generalized tweakable Even-Mansour with improved security guarantees. In Lecture Notes in Computer Science 9814, Robshaw M, Katz J (eds.), Springer-Verlag, 2016, pp.64-94.

  17. Reyhanitabar R, Vaudenay S, Vizár D. Misuse-resistant variants of the OMD authenticated encryption mode. In Lecture Notes in Computer Science 8782, Chow S S M, Liu J K, Hui L C K, Yiu S (eds.), Springer-Verlag, 2014, pp.55-70.

  18. Reyhanitabar R, Vaudenay S, Vizár D. Boosting OMD for almost free authentication of associated data. In Lecture Notes in Computer Science 9054, Leander G (ed.), Springer-Verlag, 2015, pp.411-427.

  19. Mouha N, Luykx A. Multi-key security: The Even-Mansour construction revisited. In Lecture Notes in Computer Science 9215, Gennaro R, Robshaw M (eds.), Springer-Verlag, 2015, pp.209-223.

  20. Reyhanitabar R, Vaudenay S, Vizár D. Authenticated encryption with variable stretch. In Lecture Notes in Computer Science 10031, Cheon J, Takagi T (eds.), Springer-Verlag, 2016, pp.396-425.

  21. Chatterjee S, Menezes A, Sarkar P. Another look at tightness. In Lecture Notes in Computer Science 10031, Miri A, Vaudenay S (eds.), Springer-Verlag, 2011, pp.293-319.

  22. Mantin I, Shamir A. A practical attack on broadcast RC4. In Lecture Notes in Computer Science 10031, Matsui M (ed.), Springer-Verlag, 2001, pp.152-164.

  23. Fouque P, Joux A, Mavromati C. Multi-user collisions: Applications to discrete logarithm, Even-Mansour and PRINCE. In Lecture Notes in Computer Science 8873, Sarkar P, Iwata T (eds.), Springer-Verlag, 2014, pp.420-438.

  24. Bellare M, Bernstein D J, Tessaro S. Hash-function based PRFs: AMAC and its multi-user security. In Lecture Notes in Computer Science 9665, Fischlin M, Coron J S (eds.), Springer-Verlag, 2016, pp.566-595.

  25. Bellare M, Tackmann B. The multi-user security of authenticated encryption: AES-GCM in TLS 1.3. In Lecture Notes in Computer Science 9665, Robshaw M, Katz J (eds.), Springer-Verlag, 2016, pp.247-276.

  26. Hoang V T, Tessaro S. Key-alternating ciphers and key-length extension: Exact bounds and multi-user security. In Lecture Notes in Computer Science 9814, Robshaw M, Katz J (eds.), Springer-Verlag, 2016, pp.3-32.

  27. Guo Z, Wu W, Liu R, Zhang L. Multi-key analysis of tweakable Even-Mansour with applications to minalpher and OPP. IACR Transactions on Symmetric Cryptology, 2016, 2016(2): 288-306.

    Google Scholar 

  28. Biham E. New types of cryptoanalytic attacks using related keys (extended abstract). In Lecture Notes in Computer Science 765, Helleseth T (ed.), Springer-Verlag, 1993, pp.398-409.

  29. Biham E. New types of cryptanalytic attacks using related keys. Journal of Cryptology, 1994, 7(4): 229-246.

    Article  Google Scholar 

  30. Bellare M, Kohno T. A theoretical treatment of related-key attacks: RKA-PRPs, RKA-PRFs, and applications. In Lecture Notes in Computer Science 2656, Biham E (ed.), Springer-Verlag, 2003, pp.491-506.

  31. Biryukov A, Khovratovich D. Related-key cryptanalysis of the full AES-192 and AES-256. In Lecture Notes in Computer Science 5912, Matsui M (ed.), Springer-Verlag, 2009, pp.1-18.

  32. Sun S, Hu L, Wang P, Qiao K, Ma X, Song L. Automatic security evaluation and (related-key) differential characteristic search: Application to SIMON, PRESENT, LBlock, DES(L) and other bit-oriented block ciphers. In Lecture Notes in Computer Science 8873, Sarkar P, Iwata T (eds.), Springer-Verlag, 2014, pp.158-178.

  33. Chen J, Miyaji A. A new practical key recovery attack on the stream cipher RC4 under related-key model. In Lecture Notes in Computer Science 6584, Lai X, Yung M, Lin D (eds.), Springer-Verlag, 2010, pp.62-76.

  34. Cogliati B, Seurin Y. On the provable security of the iterated Even-Mansour cipher against related-key and chosen-key attacks. In Lecture Notes in Computer Science 9056, Oswald E, Fischlin M (eds.), Springer-Verlag, 2015, pp.584-613.

  35. Wang P, Li Y, Zhang L, Zheng K. Related-key almost universal hash functions: Definitions, constructions and applications. In Lecture Notes in Computer Science 9783, Peyrin T (ed.), Springer-Verlag, 2016, pp.514-532.

  36. Peyrin T, Sasaki Y, Wang L. Generic related-key attacks for HMAC. In Lecture Notes in Computer Science 7658, Wang X, Sako K (eds.), Springer-Verlag, 2012, pp.580-597.

  37. Bhattacharyya R, Roy A. Secure message authentication against related-key attack. In Lecture Notes in Computer Science 8424, Moriai S (ed.), Springer-Verlag, 2013, pp.305-324.

  38. Dobraunig C, Eichlseder M, Mendel F. Related-key forgeries for Prost-OTR. In Lecture Notes in Computer Science 9054, Leander G (ed.), Springer-Verlag, 2015, pp.282-296.

  39. Patarin J. The “Coefficients H” technique. In Lecture Notes in Computer Science 5381, Avanzi R M, Keliher L, Sica F (eds.), Springer-Verlag, 2008, pp.328-345.

  40. Kurosawa K. Power of a public random permutation and its application to authenticated encryption. IEEE Transactions on Information Theory, 2010, 5(10): 5366-5374.

    Article  MathSciNet  Google Scholar 

  41. Chen S, Steinberger J P. Tight security bounds for key-alternating ciphers. In Lecture Notes in Computer Science 8441, Nguyen P Q, Oswald E (eds.), Springer-Verlag, 2014, pp.327-350.

  42. Cogliati B, Seurin Y. EWCDM: An efficient, beyond-birthday secure, nonce-misuse resistant MAC. In Lecture Notes in Computer Science 9814, Robshaw M, Katz J (eds.), Springer-Verlag, 2016, pp.121-149.

  43. Datta N, Nandi M. ELmE: A misuse resistant parallel authenticated encryption. In Lecture Notes in Computer Science 8544, Susilo W, Mu Y (eds.), Springer-Verlag, 2014, pp.306-321.

  44. Daemen J, Lamberger M, Pramstaller N, Rijmen V, Vercauteren F. Computational aspects of the expected differential probability of 4-round AES and AES-like ciphers. Computing, 2009, 85(1): 85-104.

    Article  MathSciNet  Google Scholar 

  45. Rogaway P, Bellare M, Black J. OCB: A block-cipher mode of operation for efficient authenticated encryption. ACM Transactions on Information and System Security, 2003, 6(3): 365-403.

    Article  Google Scholar 

  46. Sasaki Y, Yasuda K. A new mode of operation for incremental authenticated encryption with associated data. In Lecture Notes in Computer Science 9566, Dunkelman O, Keliher L (eds.), Springer-Verlag, 2016, pp.397-416.

  47. Sarkar P. Modes of operations for encryption and authentication using stream ciphers supporting an initialisation vector. Cryptography and Communications, 2014, 6(3): 189-231.

    Article  MathSciNet  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Key Laboratory of Electromagnetic Space Information, Chinese Academy of Sciences, Hefei, 230027, China

    Ping Zhang & Hong-Gang Hu

  2. School of Information Science and Technology, University of Science and Technology of China, Hefei, 230027, China

    Ping Zhang & Hong-Gang Hu

Authors
  1. Ping Zhang
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Hong-Gang Hu
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding author

Correspondence to Hong-Gang Hu.

Electronic supplementary material

ESM 1

(PDF 119 kb)

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Zhang, P., Hu, HG. Generalized Tweakable Even-Mansour Cipher and Its Applications. J. Comput. Sci. Technol. 33, 1261–1277 (2018). https://doi.org/10.1007/s11390-018-1886-4

Download citation

  • Received:

  • Revised:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11390-018-1886-4

Keywords