Paper 2015/861

A Synthetic Indifferentiability Analysis of Interleaved Double-Key Even-Mansour Ciphers

Chun Guo and Dongdai Lin

Abstract

The iterated Even-Mansour scheme (IEM) is a generalization of the basic 1-round proposal (ASIACRYPT '91). The scheme can use one key, two keys, or completely independent keys. Most of the published security proofs for IEM against related-key and chosen-key attacks focus on the case where all the round-keys are derived from a single master key. Results beyond this barrier, however, are relevant to the cryptographic problem of whether a secure blockcipher with key-size twice the block-size can be built by mixing two relatively independent keys into IEM and iterating sufficiently many rounds, a strategy that has in fact been used in designing blockciphers for a long time. This work takes the first step towards breaking this barrier and considers IEM with Interleaved Double independent round-keys: $$\text{IDEM}_r((k_1,k_2),m)=k_i\oplus (P_r(\ldots k_1\oplus P_2(k_2\oplus P_1(k_1\oplus m))\ldots)),$$ where $i=2$ when $r$ is odd, and $i=1$ when $r$ is even. As results, this work proves that 15 rounds can achieve (full) indifferentiability from an ideal cipher with an $O({q^{8}}/{2^n})$ security bound. This work also proves that 7 rounds are sufficient and necessary to achieve sequential-indifferentiability (a notion introduced at TCC 2012) with an $O({q^{6}}/{2^n})$ security bound, so that $\text{IDEM}_{7}$ is already correlation intractable and secure against any attack that exploits evasive relations between its input-output pairs.
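The interleaved key schedule in the $\text{IDEM}_r$ formula above, written out as an added example that is not code from the paper. The 16-bit block size, the seeded shuffles standing in for the public random permutations $P_1,\ldots,P_r$, and all function names are assumptions made for illustration.

```python
import random

N_BITS = 16  # toy block size (assumption); the paper works with a general n

def make_permutations(r, seed):
    """Build r independent public permutations P_1..P_r as (forward, inverse) tables."""
    rng = random.Random(seed)  # seeded shuffle stands in for a random permutation
    perms = []
    for _ in range(r):
        table = list(range(1 << N_BITS))
        rng.shuffle(table)
        inverse = [0] * len(table)
        for x, y in enumerate(table):
            inverse[y] = x
        perms.append((table, inverse))
    return perms

def round_key(k1, k2, j):
    """Key XORed in at position j = 0..r: k1, k2, k1, ... (position r is the final whitening)."""
    return k1 if j % 2 == 0 else k2

def idem_encrypt(perms, k1, k2, m):
    """IDEM_r((k1, k2), m) = k_i XOR P_r(... k1 XOR P_2(k2 XOR P_1(k1 XOR m)) ...)."""
    x = m
    for j, (forward, _) in enumerate(perms):
        x = forward[x ^ round_key(k1, k2, j)]
    return x ^ round_key(k1, k2, len(perms))  # k2 when r is odd, k1 when r is even

def idem_decrypt(perms, k1, k2, c):
    """Undo the final whitening, then walk the rounds backwards with inverse tables."""
    r = len(perms)
    x = c ^ round_key(k1, k2, r)
    for j in range(r - 1, -1, -1):
        x = perms[j][1][x] ^ round_key(k1, k2, j)
    return x

if __name__ == "__main__":
    perms = make_permutations(7, seed=2015)  # 7 rounds, as in the sequential result
    c = idem_encrypt(perms, 0x1234, 0xBEEF, 0x0042)
    print(hex(c), hex(idem_decrypt(perms, 0x1234, 0xBEEF, c)))
```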

Metadata
Available format(s)
PDF
Publication info
A major revision of an IACR publication in ASIACRYPT 2015
Keywords
blockcipher, ideal cipher, indifferentiability, key-alternating cipher, Even-Mansour cipher, correlation intractability
Contact author(s)
guochun @ iie ac cn
History
2015-09-06: received
Short URL
https://ia.cr/2015/861
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/861,
      author = {Chun Guo and Dongdai Lin},
      title = {A Synthetic Indifferentiability Analysis of Interleaved Double-Key Even-Mansour Ciphers},
      howpublished = {Cryptology ePrint Archive, Paper 2015/861},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/861}},
      url = {https://eprint.iacr.org/2015/861}
}