File(s) not publicly available

CTET+: A Beyond-Birthday-Bound Secure Tweakable Enciphering Scheme Using a Single Pseudorandom Permutation

journal contribution
posted on 2023-11-29, 18:06 authored by Benoît-Michel Cogliati, Jordan EthanJordan Ethan, Virginie Lallemand, Byeonghak Lee, Jooyoung Lee, Marine Minier
In this work, we propose a construction of 2-round tweakable substitution- permutation networks using a single secret S-box. This construction is based on non-linear permutation layers using independent round keys, and achieves security beyond the birthday bound in the random permutation model. When instantiated with an n-bit block cipher with κ-bit keys, the resulting tweakable block cipher, dubbed CTET+, can be viewed as a tweakable enciphering scheme that encrypts wn-bit messages for any integer w ≥2 using 5n + κ-bit keys and n-bit tweaks, providing 2n/3-bit security. Compared to the 2-round non-linear SPN analyzed in [CDK+18], we both minimize it by requiring a single permutation, and weaken the requirements on the middle linear layer, allowing better performance. As a result, CTET+ becomes the first tweakable enciphering scheme that provides beyond-birthday-bound security using a single permutation, while its efficiency is still comparable to existing schemes including AES-XTS, EME, XCB and TET. Furthermore, we propose a new tweakable enciphering scheme, dubbed AES6-CTET+, which is an actual instantiation of CTET+ using a reduced round AES block cipher as the underlying secret S-box. Extensive cryptanalysis of this algorithm allows us to claim 127 bits of security. Such tweakable enciphering schemes with huge block sizes become desirable in the context of disk encryption, since processing a whole sector as a single block significantly worsens the granularity for attackers when compared to, for example, AES-XTS, which treats every 16-byte block on the disk independently. Besides, as a huge amount of data is being stored and encrypted at rest under many different keys in clouds, beyond-birthday-bound security will most likely become necessary in the short term.


Preferred Citation

Benoît-Michel Cogliati, Jordan Ethan, Virginie Lallemand, Byeonghak Lee, Jooyoung Lee and Marine Minier. CTET+: A Beyond-Birthday-Bound Secure Tweakable Enciphering Scheme Using a Single Pseudorandom Permutation. In: IACR Transactions on Symmetric Cryptology. 2021.

Primary Research Area

  • Algorithmic Foundations and Cryptography

Legacy Posted Date



IACR Transactions on Symmetric Cryptology

Open Access Type

  • Gold

Sub Type

  • Article


@article{cispa_all_3539, title = "CTET+: A Beyond-Birthday-Bound Secure Tweakable Enciphering Scheme Using a Single Pseudorandom Permutation", author = "Cogliati, Benoît-Michel and Ethan, Jordan and Lallemand, Virginie and Lee, Byeonghak and Lee, Jooyoung and Minier, Marine", journal="{IACR Transactions on Symmetric Cryptology}", year="2021", }

Usage metrics


    No categories selected


    Ref. manager