On the composition of single-keyed tweakable even-mansour for achieving BBB security

Authors

Avik Chakraborti, Indian Statistical Institute, Kolkata
Mridul Nandi, Indian Statistical Institute, Kolkata
Suprita Talnikar, Indian Statistical Institute, Kolkata
Kan Yasuda, Nippon Telegraph and Telephone Corporation

Article Type

Research Article

Publication Title

IACR Transactions on Symmetric Cryptology

Abstract

Observing the growing popularity of random permutation (RP)-based designs (e.g, Sponge), Bart Mennink in CRYPTO 2019 has initiated an interesting research in the direction of RP-based pseudorandom functions (PRFs). Both are claimed to achieve beyond-the-birthday-bound (BBB) security of 2n/3 bits (n being the input block size in bits) but require two instances of RPs and can handle only one-block inputs. In this work, we extend research in this direction by providing two new BBB-secure constructions by composing the tweakable Even-Mansour appropriately. Our first construction requires only one instance of an RP and requires only one key. Our second construction extends the first to a nonce-based Message Authentication Code (MAC) using a universal hash to deal with multi-block inputs. We show that the hash key can be derived from the original key when the underlying hash is the Poly hash. We provide matching attacks for both constructions to demonstrate the tightness of the proven security bounds.

First Page

1

Last Page

39

DOI

10.13154/tosc.v2020.i2.1-39

Publication Date

1-1-2020

Recommended Citation

Chakraborti, Avik; Nandi, Mridul; Talnikar, Suprita; and Yasuda, Kan, "On the composition of single-keyed tweakable even-mansour for achieving BBB security" (2020). Journal Articles. 484.
https://digitalcommons.isical.ac.in/journal-articles/484