Skip to main content
SpringerLink
Log in

Tweakable HCTR: A BBB Secure Tweakable Enciphering Scheme

  • Conference paper
  • First Online:
Book cover Progress in Cryptology – INDOCRYPT 2018 (INDOCRYPT 2018)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11356))

Included in the following conference series:

Abstract

HCTR, proposed by Wang et al., is one of the most efficient candidates of tweakable enciphering schemes that turns an n-bit block cipher into a variable input length tweakable block cipher. Wang et al. have shown that HCTR offers a cubic security bound against all adaptive chosen plaintext and chosen ciphertext adversaries. Later in FSE 2008, Chakraborty and Nandi have improved its bound to \(O(\sigma ^2/2^n)\), where \(\sigma \) is the total number of blocks queried and n is the block size of the block cipher. In this paper, we propose tweakable HCTR that turns an n-bit tweakable block cipher to a variable input length tweakable block cipher by replacing all the block cipher calls of HCTR with tweakable block cipher. We show that when there is no repetition of the tweak, tweakable HCTR enjoys the optimal security against all adaptive chosen plaintext and chosen ciphertext adversaries. However, if the repetition of the tweak is limited, then the security of the construction remains close to the security bound in no repetition of the tweak case. Hence, it gives a graceful security degradation with the maximum number of repetition of tweaks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    A length preserving permutation over \(\mathcal {M}\) is a permutation \(\pi \) such that for all \(M \in \mathcal {M}\), \(|\pi (M)| = |M|\).

  2. 2.

    An almost-xor universal hash function is a keyed hash function such that for any two distinct messages, the probability, over the random draw of a hash key, the hash differential being equal to a specific output is small.

  3. 3.

    A tweakable block cipher is basically a simple block cipher with an additional parameter called tweak.

  4. 4.

    This security bound is beyond birthday in terms of the block size n, but with respect to the input size of TBC (i.e., \(n + m\) bits), it is the birthday bound.

  5. 5.

    Informally, a keyed hash function is said to be a partial-almost xor universal hash function, if for any two distinct inputs, the probability over the random draw of the hash key, that the first n-bit part of the sum of their hash output takes any value and the remaining m-bit part of the hash value collides, is very small.

References

  1. Bellare, M., Kilian, J., Rogaway, P.: The security of cipher block chaining. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 341–358. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48658-5_32

    Chapter  Google Scholar 

  2. Bellare, M., Rogaway, P.: Encode-then-encipher encryption: how to exploit nonces or redundancy in plaintexts for efficient cryptography. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 317–330. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-44448-3_24

    Chapter  MATH  Google Scholar 

  3. Bhaumik, R., Nandi, M.: An inverse-free single-keyed tweakable enciphering scheme. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015, Part II. LNCS, vol. 9453, pp. 159–180. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48800-3_7

    Chapter  Google Scholar 

  4. Carter, L., Wegman, M.N.: Universal classes of hash functions. J. Comput. Syst. Sci. 18(2), 143–154 (1979)

    Article  MathSciNet  Google Scholar 

  5. Chakraborty, D., Ghosh, S., Sarkar, P.: A fast single-key two-level universal hash function. IACR Trans. Symmetric Cryptol. 2017(1), 106–128 (2017)

    Google Scholar 

  6. Chakraborty, D., Nandi, M.: An improved security bound for HCTR. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 289–302. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-71039-4_18

    Chapter  Google Scholar 

  7. Chakraborty, D., Sarkar, P.: HCH: a new tweakable enciphering scheme using the hash-encrypt-hash approach. In: Barua, R., Lange, T. (eds.) INDOCRYPT 2006. LNCS, vol. 4329, pp. 287–302. Springer, Heidelberg (2006). https://doi.org/10.1007/11941378_21

    Chapter  Google Scholar 

  8. Chakraborty, D., Sarkar, P.: A new mode of encryption providing a tweakable strong pseudo-random permutation. In: Robshaw, M. (ed.) FSE 2006. LNCS, vol. 4047, pp. 293–309. Springer, Heidelberg (2006). https://doi.org/10.1007/11799313_19

    Chapter  MATH  Google Scholar 

  9. Chen, S., Lampe, R., Lee, J., Seurin, Y., Steinberger, J.: Minimizing the two-round even-mansour cipher. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 39–56. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44371-2_3

    Chapter  Google Scholar 

  10. Daemen, J., Rijmen, V.: Rijndael for AES. In: AES Candidate Conference, pp. 343–348 (2000)

    Google Scholar 

  11. Datta, N., Dutta, A., Nandi, M., Yasuda, K.: Encrypt or decrypt? to make a single-key beyond birthday secure nonce-based MAC. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018, Part I. LNCS, vol. 10991, pp. 631–661. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96884-1_21

    Chapter  Google Scholar 

  12. Halevi, S.: EME*: extending EME to handle arbitrary-length messages with associated data. In: Canteaut, A., Viswanathan, K. (eds.) INDOCRYPT 2004. LNCS, vol. 3348, pp. 315–327. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30556-9_25

    Chapter  Google Scholar 

  13. Halevi, S.: Invertible universal hashing and the TET encryption mode. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 412–429. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74143-5_23

    Chapter  Google Scholar 

  14. Halevi, S., Rogaway, P.: A tweakable enciphering mode. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 482–499. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_28

    Chapter  Google Scholar 

  15. Halevi, S., Rogaway, P.: A parallelizable enciphering mode. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 292–304. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24660-2_23

    Chapter  Google Scholar 

  16. Jha, A., List, E., Minematsu, K., Mishra, S., Nandi, M.: XHX - A framework for optimally secure tweakable block ciphers from classical block ciphers and universal hashing. IACR Cryptology ePrint Archive 2017, p. 1075 (2017)

    Google Scholar 

  17. Lee, J., Luykx, A., Mennink, B., Minematsu, K.: Connecting tweakable and multi-key blockcipher security. Des. Codes Crypt. 86(3), 623–640 (2018)

    Article  MathSciNet  Google Scholar 

  18. Luby, M., Rackoff, C.: How to construct pseudorandom permutations from pseudorandom functions. SIAM J. Comput. 17(2), 373–386 (1988)

    Article  MathSciNet  Google Scholar 

  19. Mancillas-López, C., Chakraborty, D., Rodríguez-Henríquez, F.: Efficient implementations of some tweakable enciphering schemes in reconfigurable hardware. In: Srinathan, K., Rangan, C.P., Yung, M. (eds.) INDOCRYPT 2007. LNCS, vol. 4859, pp. 414–424. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-77026-8_33

    Chapter  MATH  Google Scholar 

  20. McGrew, D.A., Fluhrer, S.R.: The extended codebook (XCB) mode of operation. IACR Cryptology ePrint Archive 2004, p. 278 (2004)

    Google Scholar 

  21. McGrew, D.A., Viega, J.: The security and performance of the galois/counter mode (GCM) of operation. In: Canteaut, A., Viswanathan, K. (eds.) INDOCRYPT 2004. LNCS, vol. 3348, pp. 343–355. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30556-9_27

    Chapter  Google Scholar 

  22. Mennink, B.: Towards tight security of cascaded LRW2. IACR Cryptology ePrint Archive 2018, p. 434 (2018)

    Chapter  Google Scholar 

  23. Minematsu, K.: Beyond-birthday-bound security based on tweakable block cipher. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 308–326. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03317-9_19

    Chapter  Google Scholar 

  24. Minematsu, K., Iwata, T.: Building blockcipher from tweakable blockcipher: extending FSE 2009 Proposal. In: Chen, L. (ed.) IMACC 2011. LNCS, vol. 7089, pp. 391–412. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25516-8_24

    Chapter  Google Scholar 

  25. Minematsu, K., Iwata, T.: Tweak-length extension for tweakable blockciphers. In: Groth, J. (ed.) IMACC 2015. LNCS, vol. 9496, pp. 77–93. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-27239-9_5

    Chapter  Google Scholar 

  26. Minematsu, K., Matsushima, T.: Tweakable enciphering schemes from hash-sum-expansion. In: Srinathan, K., Rangan, C.P., Yung, M. (eds.) INDOCRYPT 2007. LNCS, vol. 4859, pp. 252–267. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-77026-8_19

    Chapter  Google Scholar 

  27. Naor, M., Reingold, O.: A pseudo-random encryption mode. www.wisdom.weizmann.ac.il/naor

  28. Naor, M., Reingold, O.: On the construction of pseudorandom permutations: Luby-rackoff revisited. J. Cryptol. 12(1), 29–66 (1999)

    Article  MathSciNet  Google Scholar 

  29. National Bureau of Standards. Data encryption standard. Federal Information Processing Standard (1977)

    Google Scholar 

  30. Patarin, J.: A proof of security in O(2n) for the Xor of two random permutations. In: Safavi-Naini, R. (ed.) ICITS 2008. LNCS, vol. 5155, pp. 232–248. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85093-9_22

    Chapter  MATH  Google Scholar 

  31. Jacques, P.: The “Coefficients H” Technique. In: Selected Areas in Cryptography, SAC, , pp. 328–345 (2008)

    Google Scholar 

  32. Peyrin, T., Seurin, Y.: Counter-in-tweak: authenticated encryption modes for tweakable block ciphers. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part I. LNCS, vol. 9814, pp. 33–63. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53018-4_2

    Chapter  MATH  Google Scholar 

  33. Phillip, R., Mihir, B., John, B., Krovetz, T.: O.C.B.: a block-cipher mode of operation for efficient authenticated encryption, In: Proceedings of the 8th ACM Conference on Computer and Communications Security, CCS 2001, Philadelphia, Pennsylvania, USA, 6-8 November 2001, pp. 196–205 (2001)

    Google Scholar 

  34. Sarkar, P.: Improving upon the TET mode of operation. In: Nam, K.-H., Rhee, G. (eds.) ICISC 2007. LNCS, vol. 4817, pp. 180–192. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-76788-6_15

    Chapter  Google Scholar 

  35. Wang, P., Feng, D., Wu, W.: HCTR: a variable-input-length enciphering mode. In: Feng, D., Lin, D., Yung, M. (eds.) CISC 2005. LNCS, vol. 3822, pp. 175–188. Springer, Heidelberg (2005). https://doi.org/10.1007/11599548_15

    Chapter  Google Scholar 

  36. Smith, J.L., Ehrsam, W.F., Meyer, C.H.W., Tuchman, W.L.: Message verification and transmission error detection by block chaining. US Patent 4074066 (1976)

    Google Scholar 

Download references

Acknowledgements

Authors are supported by the WISEKEY project of R.C.Bose Centre for Cryptology and Security. The authors would like to thank all the anonymous reviewers of Indocrypt 2018 for their invaluable comments and suggestions that help to improve the overall quality of the paper.

Author information

Authors and Affiliations

  1. Indian Statistical Institute, Kolkata, India

    Avijit Dutta & Mridul Nandi

Authors
  1. Avijit Dutta
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mridul Nandi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Avijit Dutta .

Editor information

Editors and Affiliations

  1. Indian Statistical Institute, Kolkata, India

    Debrup Chakraborty

  2. Nagoya University, Nagoya, Japan

    Tetsu Iwata

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Dutta, A., Nandi, M. (2018). Tweakable HCTR: A BBB Secure Tweakable Enciphering Scheme. In: Chakraborty, D., Iwata, T. (eds) Progress in Cryptology – INDOCRYPT 2018. INDOCRYPT 2018. Lecture Notes in Computer Science(), vol 11356. Springer, Cham. https://doi.org/10.1007/978-3-030-05378-9_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-05378-9_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-05377-2

  • Online ISBN: 978-3-030-05378-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation