The QARMA block cipher family. almost MDS matrices over rings with zero divisors, nearly symmetric even-mansour constructions with non-involutory central rounds …
R Avanzi - IACR Transactions on Symmetric Cryptology, 2017 - tosc.iacr.org
This paper introduces QARMA, a new family of lightweight tweakable block ciphers targeted
at applications such as memory encryption, the generation of very short tags for hardware …
Key-alternating ciphers and key-length extension: exact bounds and multi-user security
The best existing bounds on the concrete security of key-alternating ciphers (Chen and
Steinberger, EUROCRYPT'14) are only asymptotically tight, and the quantitative gap with …
Encrypted davies-meyer and its dual: Towards optimal security using mirror theory
Abstract At CRYPTO 2016, Cogliati and Seurin introduced the Encrypted Davies-Meyer
construction, p_2 (p_1 (x) ⊕ x) for two n-bit permutations p_1, p_2, and proved security up to …
Improved masking for tweakable blockciphers with applications to authenticated encryption
A popular approach to tweakable blockcipher design is via masking, where a certain
primitive (a blockcipher or a permutation) is preceded and followed by an easy-to-compute …
EWCDM: an efficient, beyond-birthday secure, nonce-misuse resistant MAC
B Cogliati, Y Seurin - Annual International Cryptology Conference, 2016 - Springer
We propose a nonce-based MAC construction called EWCDM (Encrypted Wegman-Carter
with Davies-Meyer), based on an almost xor-universal hash function and a block cipher, with …
Efficient and secure multiparty computation from fixed-key block ciphers
Many implementations of secure computation use fixed-key AES (modeled as a random
permutation); this results in substantial performance benefits due to existing hardware …
Tweaking even-mansour ciphers
B Cogliati, R Lampe, Y Seurin - … , Santa Barbara, CA, USA, August 16-20 …, 2015 - Springer
We study how to construct efficient tweakable block ciphers in the Random Permutation
model, where all parties have access to public random permutation oracles. We propose a …
How to build pseudorandom functions from public random permutations
Pseudorandom functions are traditionally built upon block ciphers, but with the trend of
permutation based cryptography, it is a natural question to investigate the design of …
On the provable security of the iterated Even-Mansour cipher against related-key and chosen-key attacks
B Cogliati, Y Seurin - Annual International Conference on the Theory and …, 2015 - Springer
Abstract The iterated Even-Mansour cipher is a construction of a block cipher from r public
permutations P_1, ..., P_r which abstracts in a generic way the structure of key-alternating …
Encrypt or decrypt? to make a single-key beyond birthday secure nonce-based MAC
Abstract At CRYPTO 2016, Cogliati and Seurin have proposed a highly secure nonce-based
MAC called Encrypted Wegman-Carter with Davies-Meyer (EWCDM) construction …