CTET+: A Beyond-Birthday-Bound Secure Tweakable Enciphering Scheme Using a Single Pseudorandom Permutation
journal contribution
Posted on 2023-11-29, 18:06. Authored by Benoît-Michel Cogliati, Jordan Ethan, Virginie Lallemand, Byeonghak Lee, Jooyoung Lee, Marine Minier
In this work, we propose a construction of 2-round tweakable substitution-permutation networks using a single secret S-box. This construction is based on non-linear permutation layers using independent round keys, and achieves security beyond the birthday bound in the random permutation model. When instantiated with an n-bit block cipher with κ-bit keys, the resulting tweakable block cipher, dubbed CTET+, can be viewed as a tweakable enciphering scheme that encrypts wn-bit messages for any integer w ≥ 2 using (5n + κ)-bit keys and n-bit tweaks, providing 2n/3-bit security.
Compared to the 2-round non-linear SPN analyzed in [CDK+18], we both minimize it by requiring a single permutation and weaken the requirements on the middle linear layer, allowing better performance. As a result, CTET+ becomes the first tweakable enciphering scheme that provides beyond-birthday-bound security using a single permutation, while its efficiency remains comparable to existing schemes including AES-XTS, EME, XCB and TET. Furthermore, we propose a new tweakable enciphering scheme, dubbed AES6-CTET+, which is an actual instantiation of CTET+ using a reduced-round AES block cipher as the underlying secret S-box. Extensive cryptanalysis of this algorithm allows us to claim 127 bits of security.
Such tweakable enciphering schemes with huge block sizes become desirable in the context of disk encryption, since processing a whole sector as a single block significantly worsens the granularity for attackers when compared to, for example, AES-XTS, which treats every 16-byte block on the disk independently. Besides, as a huge amount of data is being stored and encrypted at rest under many different keys in clouds, beyond-birthday-bound security will most likely become necessary in the short term.
History
Preferred Citation
Benoît-Michel Cogliati, Jordan Ethan, Virginie Lallemand, Byeonghak Lee, Jooyoung Lee and Marine Minier. CTET+: A Beyond-Birthday-Bound Secure Tweakable Enciphering Scheme Using a Single Pseudorandom Permutation. In: IACR Transactions on Symmetric Cryptology. 2021.
Primary Research Area
Algorithmic Foundations and Cryptography
Legacy Posted Date
2021-12-16
Journal
IACR Transactions on Symmetric Cryptology
Open Access Type
Gold
Sub Type
Article
BibTeX
@article{cispa_all_3539,
  title   = "CTET+: A Beyond-Birthday-Bound Secure Tweakable Enciphering Scheme Using a Single Pseudorandom Permutation",
  author  = "Cogliati, Benoît-Michel and Ethan, Jordan and Lallemand, Virginie and Lee, Byeonghak and Lee, Jooyoung and Minier, Marine",
  journal = "{IACR Transactions on Symmetric Cryptology}",
  year    = "2021",
}