Tight Security of TNT and Beyond: Attacks, Proofs and Possibilities for the Cascaded LRW Paradigm

Ashwin Jha, Mustafa Khairallah, Mridul Nandi, Abishanka Saha

Forskningsoutput: Kapitel i bok/rapport/Conference proceedingKonferenspaper i proceedingPeer review

Sammanfattning

Liskov, Rivest and Wagner laid the theoretical foundations for tweakable block ciphers (TBC). In a seminal paper, they proposed two (up to) birthday-bound secure design strategies — LRW1 and LRW2  — to convert any block cipher into a TBC. Several of the follow-up works consider cascading of LRW-type TBCs to construct beyond-the-birthday bound (BBB) secure TBCs. Landecker et al. demonstrated that just two-round cascading of LRW2 can already give a BBB security. Bao et al. undertook a similar exercise in context of LRW1 with TNT  — a three-round cascading of LRW1  — that has been shown to achieve BBB security as well. In this paper, we present a CCA distinguisher on TNT that achieves a non-negligible advantage with O(2n/2) queries, directly contradicting the security claims made by the designers. We provide a rigorous and complete advantage calculation coupled with experimental verification that further support our claim. Next, we provide new and simple proofs of birthday-bound CCA security for both TNT and its single-key variant, which confirm the tightness of our attack. Furthering on to a more positive note, we show that adding just one more block cipher call, referred as 4-LRW1, does not just re-establish the BBB security, but also amplifies it up to 23n/4 queries. As a side-effect of this endeavour, we propose a new abstraction of the cascaded LRW-design philosophy, referred to as the LRW+ paradigm, comprising two block cipher calls sandwiched between a pair of tweakable universal hashes. This helps us to provide a modular proof covering all cascaded LRW constructions with at least 2 rounds, including 4-LRW1, and its more established relative, the well-known CLRW2, or more aptly, 2-LRW2.

Originalspråkengelska
Titel på värdpublikationAdvances in Cryptology – EUROCRYPT 2024 - 43rd Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2024, Proceedings
RedaktörerMarc Joye, Gregor Leander
FörlagSpringer Science and Business Media B.V.
Sidor249-279
Antal sidor31
ISBN (tryckt)9783031587153
DOI
StatusPublished - 2024
Evenemang43rd Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2024 - Zurich, Schweiz
Varaktighet: 2024 maj 262024 maj 30

Publikationsserier

NamnLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volym14651 LNCS
ISSN (tryckt)0302-9743
ISSN (elektroniskt)1611-3349

Konferens

Konferens43rd Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2024
Land/TerritoriumSchweiz
OrtZurich
Period2024/05/262024/05/30

Ämnesklassifikation (UKÄ)

  • Diskret matematik

Fingeravtryck

Utforska forskningsämnen för ”Tight Security of TNT and Beyond: Attacks, Proofs and Possibilities for the Cascaded LRW Paradigm”. Tillsammans bildar de ett unikt fingeravtryck.

Citera det här