Paper 2024/2053

Optimally Secure TBC Based Accordion Mode

Nilanjan Datta, Institute for Advancing Intelligence (IAI) TCG CREST, Kolkata, India
Avijit Dutta, Institute for Advancing Intelligence (IAI) TCG CREST, Kolkata, India, Academy of Scientific and Innovative Research (AcSIR), Ghaziabad, India
Shibam Ghosh, Department of Computer Science, University of Haifa, Haifa, Israel
Hrithik Nandi, Institute for Advancing Intelligence (IAI) TCG CREST, Kolkata, India, Ramakrishna Mission Vivekananda Educational and Research Institute, Belur, India
Abstract

The design of tweakable wide block ciphers has advanced significantly over the past two decades. This evolution began with Naor and Reingold's approach to designing a wide block cipher. Since then, numerous tweakable wide block ciphers have been proposed, many of which build on existing block ciphers and are secure up to the birthday bound for the total number of blocks queried. Although the development of tweakable wide block cipher modes has slowed in the last couple of years, the latest NIST proposal for accordion modes has reignited interest and momentum in the design and analysis of these ciphers. Although new designs have emerged, their security often falls short of optimal (i.e., $n$-bit) security, where $n$ is the output size of the primitive. In this direction, designing an efficient tweakable wide block cipher with $n$-bit security seems to be an interesting research problem. An optimally secure tweakable wide block cipher mode can easily be turned into a misuse-resistant RUP secure authenticated encryption scheme with optimal security. This paper proposes $\textsf{HCTR+}$, which turns an $n$-bit tweakable block cipher (TBC) with $n$-bit tweak into a variable input length tweakable block cipher. Unlike tweakable $\textsf{HCTR}$, $\textsf{HCTR+}$ ensures $n$-bit security regardless of tweak repetitions. We also propose two TBC-based almost-xor-universal hash functions, named $\textsf{PHASH+}$ and $\textsf{ZHASH+}$, and use them as the underlying hash functions in the $\textsf{HCTR+}$ construction to create two TBC-based $n$-bit secure tweakable wide block cipher modes, $\textsf{PHCTR+}$ and $\textsf{ZHCTR+}$. Experimental results show that both $\textsf{PHCTR+}$ and $\textsf{ZHCTR+}$ exhibit excellent software performance when their underlying TBC is instantiated with $\textsf{Deoxys-BC-128-128}$.

Note: An initial version of this work used a four-round TBC-based LR construction on the left side of our proposed TES. We would like to thank Eik List for his suggestion for improving the design to achieve the same security bound of the proposed TES construction using a three-round TBC-based LR construction.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint.
Keywords
Tweakable Wide Block Enciphering, Tweakable Block Cipher, STPRP, Optimal Security, HCTR
Contact author(s)
nilanjan datta @ tcgcrest org
avirocks dutta13 @ gmail com
sghosh03 @ campus haifa ac il
hrithik nandi 85 @ tcgcrest org
History
2024-12-26: revised
2024-12-20: received
Short URL
https://ia.cr/2024/2053
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/2053,
      author = {Nilanjan Datta and Avijit Dutta and Shibam Ghosh and Hrithik Nandi},
      title = {Optimally Secure {TBC} Based Accordion Mode},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/2053},
      year = {2024},
      url = {https://eprint.iacr.org/2024/2053}
}