Abstract
The Even–Mansour cipher has been widely used in block ciphers and lightweight symmetric-key ciphers because of its simple structure and strict provable security. Its research has been a hot topic in cryptography. This paper focuses on the problem to minimize the key material of the Even–Mansour cipher while its security bound remains essentially the same. We introduce four structures of the Even–Mansour cipher with a short key and derive their security by Patarin’s H-coefficients technique. These four structures are proven secure up to O˜2k/μ adversarial queries, where k is the bit length of the key material and μ is the maximal multiplicity. Then, we apply them to lightweight authenticated encryption modes and prove their security up to about minb/2,c,k−log μ-bit adversarial queries, where b is the size of the permutation and c is the capacity of the permutation. Finally, we leave it as an open problem to settle the security of the t-round iterated Even–Mansour cipher with short keys.
Highlights
In recent years, more and more attention has been paid to lightweight cryptography as smart home, Internet of things (IoT), smart transportation, and 5G/B5G networks are proposed. ese new technologies brought convenience to our lives but have introduced a powerful security threat, such as the leakage of the private data in our smart phone
Lightweight cryptography is an effective countermeasure against the security threats in order to achieve the privacy and integrity protections of the sensitive data
Lightweight cryptography is mainly used in resource-constrained devices. e block cipher has become a very vital lightweight symmetric-key cryptography, due to its fast speed, easy implementation, and easy standardization on these devices
Summary
More and more attention has been paid to lightweight cryptography as smart home, Internet of things (IoT), smart transportation, and 5G/B5G networks are proposed. ese new technologies brought convenience to our lives but have introduced a powerful security threat, such as the leakage of the private data in our smart phone. Do Nascimento and Xexeo [14] applied the Even–Mansour cipher to the Internet of ings (IoT) environments and presented a flexible lightweight authenticated encryption mode in 2017 It follows that Cho et al [15] presented a new family of white-box block ciphers based on the Even–Mansour cipher WEM which achieves balances between performance and security. We revisit the Even–Mansour cipher and consider as problem whether we can use the least key material to achieve the same security bound. En, we apply its four structures to lightweight authenticated encryption (AE) modes and prove their security up to about minb/2, c, k − log μ-bit adversarial queries, where b r + c is the size of the permutation and c
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
