TY - GEN
T1 - Tight Security Analysis of 3-Round Key-Alternating Cipher with a Single Permutation
AU - Wu, Yusai
AU - Yu, Liqing
AU - Cao, Zhenfu
AU - Dong, Xiaolei
N1 - Publisher Copyright:
© 2020, International Association for Cryptologic Research.
PY - 2020
Y1 - 2020
N2 - The tight security bound of the KAC (Key-Alternating Cipher) construction whose round permutations are independent from each other has been well studied. Then a natural question is how the security bound will change when we use fewer permutations in a KAC construction. In CRYPTO 2014, Chen et al. proved that 2-round KAC with a single permutation (2KACSP) has the same security level as the classic one (i.e., 2-round KAC). But we still know little about the security bound of incompletely-independent KAC constructions with more than 2 rounds. In this paper, we will show that a similar result also holds for 3-round case. More concretely, we prove that 3-round KAC with a single permutation (3KACSP) is secure up to Θ(23n4) queries, which also caps the security of 3-round KAC. To avoid the cumbersome graphical illustration used in Chen et al.’s work, a new representation is introduced to characterize the underlying combinatorial problem. Benefited from it, we can handle the knotty dependence in a modular way, and also show a plausible way to study the security of rKACSP. Technically, we abstract a type of problems capturing the intrinsic randomness of rKACSP construction, and then propose a high-level framework to handle such problems. Furthermore, our proof techniques show some evidence that for any r, rKACSP has the same security level as the classic r-round KAC in random permutation model.
AB - The tight security bound of the KAC (Key-Alternating Cipher) construction whose round permutations are independent from each other has been well studied. Then a natural question is how the security bound will change when we use fewer permutations in a KAC construction. In CRYPTO 2014, Chen et al. proved that 2-round KAC with a single permutation (2KACSP) has the same security level as the classic one (i.e., 2-round KAC). But we still know little about the security bound of incompletely-independent KAC constructions with more than 2 rounds. In this paper, we will show that a similar result also holds for 3-round case. More concretely, we prove that 3-round KAC with a single permutation (3KACSP) is secure up to Θ(23n4) queries, which also caps the security of 3-round KAC. To avoid the cumbersome graphical illustration used in Chen et al.’s work, a new representation is introduced to characterize the underlying combinatorial problem. Benefited from it, we can handle the knotty dependence in a modular way, and also show a plausible way to study the security of rKACSP. Technically, we abstract a type of problems capturing the intrinsic randomness of rKACSP construction, and then propose a high-level framework to handle such problems. Furthermore, our proof techniques show some evidence that for any r, rKACSP has the same security level as the classic r-round KAC in random permutation model.
UR - https://www.scopus.com/pages/publications/85097819807
U2 - 10.1007/978-3-030-64837-4_22
DO - 10.1007/978-3-030-64837-4_22
M3 - 会议稿件
AN - SCOPUS:85097819807
SN - 9783030648367
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 662
EP - 693
BT - Advances in Cryptology – ASIACRYPT 2020 - 26th International Conference on the Theory and Application of Cryptology and Information Security, 2020, Proceedings
A2 - Moriai, Shiho
A2 - Wang, Huaxiong
PB - Springer Science and Business Media Deutschland GmbH
T2 - 26th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2020
Y2 - 7 December 2020 through 11 December 2020
ER -