Provable Security of (Tweakable) Block Ciphers Based on - PowerPoint PPT Presentation

Provable Security of (Tweakable) Block Ciphers Based on Substitution-Permutation Networks Benoit Cogliati Yevgeniy Dodis Jonathan Katz Jooyoung Lee John Steinberger John Steinberger Aishwarya Thiruvengadam Aishwarya Thiruvengadam Zhe Zhang Zhe Zhang 1

Block Ciphers • Building block for many cryptographic constructions • Hash functions Hash functions • Encryption schemes • Message authentication codes • Keyed permutations • Popular Design Paradigms • Feistel Networks • Feistel Networks • Substitution-Permutation Networks 2

Block Ciphers: Designs • Popular Design Paradigms • Feistel Network Feistel Network • Eg: DES • Substitution-Permutation Network (SPN) • Eg: AES

Block Ciphers: Designs • Popular Design Paradigms • Feistel Network Feistel Network • Eg: DES • Long line of work analyzing provable security of Feistel [LR88, Pat03, Pat04] • Security been studied in various security models [Pat10, HR10, HKT11, Tes14, CHKPST16] • Substitution-Permutation Network (SPN) • Substitution-Permutation Network (SPN) • Eg: AES • In contrast, provable security of SPNs not as well-studied

Related Work

Related Work

Substitution-Permutation Network (SPN)

Substitution-Permutation Network (SPN) . . .

Substitution-Permutation Network (SPN) . . .

Substitution-Permutation Network (SPN)

Substitution-Permutation Network (SPN) . . .

Substitution-Permutation Networks Substitution- Permutation step

Security of SPNs

Security of SPNs 14

Security of SPNs 15

Security of SPNs 16

Security of SPNs • Ideal World • Real World 17

Categorizing SPNs Linear function

Categorizing SPNs

Categorizing SPNs Non-linear function

Results: Linear SPNs

Results: Non-linear SPNs

Interpreting our Results

Interpreting our Results

Results

Constructing Non-linear SPNs

Constructing Non-linear SPNs: Blockwise Universal Permutations

Constructing Non-linear SPNs: Blockwise Universal Permutations

Constructing Non-linear SPNs: Blockwise Universal Permutations

Non-linear SPNs via Blockwise Universal Permutations . . .

Non-linear SPNs via Blockwise Universal Permutations . . .

Non-linear SPNs via Blockwise Universal Permutations

Results

Security of 3-round linear SPN

Security of 3-round Linear SPNs

Results

Takeaway

Thank You

Constructing Non-linear SPNs

SPNs: Applications 1-round SPN

Constructing Non-linear SPNs: Blockwise Universal Permutations