Tweakable Blockciphers with Asymptotically Optimal Security

Conference paper

DOI: 10.1007/978-3-662-43933-3_8

Part of the Lecture Notes in Computer Science book series (LNCS, volume 8424)
Cite this paper as:
Lampe R., Seurin Y. (2014) Tweakable Blockciphers with Asymptotically Optimal Security. In: Moriai S. (eds) Fast Software Encryption. FSE 2013. Lecture Notes in Computer Science, vol 8424. Springer, Berlin, Heidelberg


We consider tweakable blockciphers with beyond the birthday bound security. Landecker, Shrimpton, and Terashima (CRYPTO 2012) gave the first construction with security up to \(\mathcal {O}(2^{2n/3})\) adversarial queries (\(n\) denotes the block size in bits of the underlying blockcipher), and for which changing the tweak does not require changing the keys for blockcipher calls. In this paper, we extend this construction, which consists of two rounds of a previous proposal by Liskov, Rivest, and Wagner (CRYPTO 2002), by considering larger numbers of rounds \(r>2\). We show that asymptotically, as \(r\) increases, the resulting tweakable blockcipher approaches security up to the information bound, namely \(\mathcal {O}(2^n)\) queries. Our analysis makes use of a coupling argument, and carries some similarities with the analysis of the iterated Even-Mansour cipher by Lampe, Patarin, and Seurin (ASIACRYPT 2012).


Tweakable blockcipher Beyond birthday bound Coupling Message authentication code 

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  1. 1.University of VersaillesVersaillesFrance
  2. 2.ANSSIParisFrance

Personalised recommendations