A theoretical treatment of related-key attacks: RKA-PRPs, RKA-PRFs, and applications

In this article, the concept of related-key deriving (RKD) functions is introduced, and a theoretical investigation of the block-cipher design-goal of security against RKAs is initiated.

Abstract:

We initiate a theoretical investigation of the popular block-cipher design-goal of security against related-key attacks (RKAs). We begin by introducing definitions for the concepts of PRPs and PRFs secure against classes of RKAs, each such class being specified by an associated set of related-key deriving (RKD) functions. Then for some such classes of attacks, we prove impossibility results, showing that no block-cipher can resist these attacks while, for other, related classes of attacks that include popular targets in the block cipher community, we prove possibility results that provide theoretical support for the view that security against them is achievable. Finally we prove security of various block-cipher based constructs that use related keys, including a tweakable block cipher given in [14].

Content maybe subject to copyright Report

Citations

PDF

Open Access

More filters

Book ChapterDOI

BiTR: built-in tamper resilience

Seung Geol Choi,Aggelos Kiayias,Tal Malkin +2 moreUniversity of Maryland, College Park,University of Connecticut,Columbia University

Show Less

TL;DR: The notion of Built-in Tamper Resilience (BiTR) was introduced in this paper for cryptographic protocols, capturing the idea that the protocol that is encapsulated in a hardware token is designed in such a way so that tampering gives no advantage to an adversary.

...read moreread less

Book ChapterDOI

Related-Key Cryptanalysis of the Full AES-192 and AES-256

Alex Biryukov,Dmitry Khovratovich +1 moreUniversity of Luxembourg

Show Less

TL;DR: This paper shows the first key recovery attack that works for all the keys and has 299.5 time and data complexity, while the recent attack by Biryukov-Khovratovich-Nikolic works for a weak key class and has much higher complexity.

...read moreread less

Book ChapterDOI

Simple password-based encrypted key exchange protocols

Michel Abdalla,David Pointcheval +1 moreÉcole Normale Supérieure

Show Less

TL;DR: This paper presents two simple password-based encrypted key exchange protocols based on that of Bellovin and Merritt, and one of them is more suitable to scenarios in which the password is shared across several servers, while the other enjoys better security properties.

...read moreread less

Journal ArticleDOI

Tweakable Block Ciphers

Moses Liskov,Ronald L. Rivest,David Wagner +2 moreCollege of William & Mary,Massachusetts Institute of Technology,University of California, Berkeley

- 01 Jul 2011 -

Journal of Cryptology

Show Less

TL;DR: This work formalizes a cryptographic primitive, the “tweakable block cipher,” and suggests that tweakable block ciphers are easy to design, the extra cost of making a block cipher “Tweakable” is small, and it is easier to design and prove the security of applications of blockciphers that need this variability using tweakable blocks.

...read moreread less

Book ChapterDOI

Key Homomorphic PRFs and Their Applications

Dan Boneh,Kevin Lewi,Hart Montgomery,Ananth Raghunathan +3 moreStanford University

Show Less

TL;DR: The first provably secure key homomorphic PRFs in the standard model were constructed in this article, based on the learning with errors (LWE) problem and decision linear assumption.

...read moreread less

1
2
3
4
…
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68

Collapse

References

PDF

Open Access

More filters

BookDOI

The Design of Rijndael

Joan Daemen,Vincent Rijmen +1 more

Show Less

TL;DR: This volume is the authoritative guide to the Rijndael algorithm and AES and professionals, researchers, and students active or interested in data encryption will find it a valuable source of information and reference.

...read moreread less

Book ChapterDOI

How to construct random functions

Oded Goldreich,Shafi Goldwasser,Silvio Micali +2 moreMassachusetts Institute of Technology

Show Less

TL;DR: A constructive theory of randomness for functions, based on computational complexity, is developed, and a pseudorandom function generator is presented that has applications in cryptography, random constructions, and complexity theory.

...read moreread less

Journal ArticleDOI

How to construct pseudorandom permutations from pseudorandom functions

Michael Luby,Charles Rackoff +1 moreUniversity of Toronto

- 01 Apr 1988 -

SIAM Journal on Computing

Show Less

TL;DR: Any pseudorandom bit generator can be used to construct a block private key cryptos system which is secure against chosen plaintext attack, which is one of the strongest known attacks against a cryptosystem.

...read moreread less

Book ChapterDOI

Cryptanalysis of Block Ciphers with Overdefined Systems of Equations

Nicolas T. Courtois,Josef Pieprzyk +1 moreMacquarie University

Show Less

TL;DR: In this article, the security of S-boxes in block ciphers was studied under an additional hypothesis that the S-box can be described by an overdefined system of algebraic equations.

...read moreread less

BookDOI

Advances in Cryptology — CRYPTO ’96

Neal Koblitz

Show Less

TL;DR: This work presents new, simple, and practical constructions of message authentication schemes based on a cryptographic hash function, and proves that NMAC and HMAC are proven to be secure as long as the underlying hash function has some reasonable cryptographic strengths.

...read moreread less