Abstract

The significance of understanding blockcipher security in the multi-key setting is highlighted by the extensive literature on attacks, and how effective key size can be significantly reduced. Nevertheless, little attention has been paid in formally understanding the design of multi-key secure blockciphers. In this work, we formalize the multi-key security of tweakable blockciphers in case of general key derivation functions. We show an equivalence between blockcipher multi-key security and tweakable blockcipher security. Our equivalence connects two objects of study, the iterated Even–Mansour (EUROCRYPT 2012) and the iterated Tweakable Even–Mansour (CRYPTO 2015), which establishes that results in both areas are, to a certain extent, transferable. Using our novel equivalence relation, we derive new bounds for both constructions, pave the path towards the solution of two well-studied conjectures, and show that, contrary to common knowledge, key derivation functions need not necessarily be pseudorandom functions in order to provide security: for the iterated Even–Mansour universal hash functions suffice.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.