Forking Tweakable Even-Mansour Ciphers

Authors

  • Hwigyeom Kim Korea Advanced Institute of Science and Technology (KAIST), Daejeon, Korea
  • Yeongmin Lee Korea Advanced Institute of Science and Technology (KAIST), Daejeon, Korea
  • Jooyoung Lee Korea Advanced Institute of Science and Technology (KAIST), Daejeon, Korea

DOI:

https://doi.org/10.46586/tosc.v2020.i4.71-87

Keywords:

Forkcipher, tweakable block cipher, indistinguishability, Even-Mansour cipher

Abstract

A forkcipher is a keyed, tweakable function mapping an n-bit input to a 2nbit output, which is equivalent to concatenating two outputs from two permutations. A forkcipher can be a useful primitive to design authenticated encryption schemes for short messages. A forkcipher is typically designed within the iterate-fork-iterate (IFI) paradigm, while the provable security of such a construction has not been widely explored.
In this paper, we propose a method of constructing a forkcipher using public permutations as its building primitives. It can be seen as applying the IFI paradigm to the tweakable Even-Mansour ciphers. So our construction is dubbed the forked tweakable Even-Mansour (FTEM) cipher. Our main result is to prove that a (1, 1)-round FTEM cipher (applying a single-round TEM to a plaintext, followed by two independent copies of a single-round TEM) is secure up to 2 2n/3 queries in the ideal permutation model.

Downloads

Published

2020-12-10

Issue

Section

Articles

How to Cite

Forking Tweakable Even-Mansour Ciphers. (2020). IACR Transactions on Symmetric Cryptology, 2020(4), 71-87. https://doi.org/10.46586/tosc.v2020.i4.71-87