Forking Tweakable Even-Mansour Ciphers

  • Hwigyeom Kim Korea Advanced Institute of Science and Technology (KAIST), Daejeon, Korea
  • Yeongmin Lee Korea Advanced Institute of Science and Technology (KAIST), Daejeon, Korea
  • Jooyoung Lee Korea Advanced Institute of Science and Technology (KAIST), Daejeon, Korea
Keywords: Forkcipher, tweakable block cipher, indistinguishability, Even-Mansour cipher

Abstract

A forkcipher is a keyed, tweakable function mapping an n-bit input to a 2nbit output, which is equivalent to concatenating two outputs from two permutations. A forkcipher can be a useful primitive to design authenticated encryption schemes for short messages. A forkcipher is typically designed within the iterate-fork-iterate (IFI) paradigm, while the provable security of such a construction has not been widely explored.
In this paper, we propose a method of constructing a forkcipher using public permutations as its building primitives. It can be seen as applying the IFI paradigm to the tweakable Even-Mansour ciphers. So our construction is dubbed the forked tweakable Even-Mansour (FTEM) cipher. Our main result is to prove that a (1, 1)-round FTEM cipher (applying a single-round TEM to a plaintext, followed by two independent copies of a single-round TEM) is secure up to 2 2n/3 queries in the ideal permutation model.

Published
2020-12-10
How to Cite
Kim, H., Lee, Y., & Lee, J. (2020). Forking Tweakable Even-Mansour Ciphers. IACR Transactions on Symmetric Cryptology, 2020(4), 71-87. https://doi.org/10.46586/tosc.v2020.i4.71-87
Section
Articles