Communications in Cryptology IACR CiC

Block Cipher Doubling for a Post-Quantum World

Authors

Ritam Bhaumik, André Chailloux, Paul Frixons, Bart Mennink, María Naya-Plasencia
Ritam Bhaumik
Inria, Paris, France
EPFL, Lausanne, Switzerland
TII, Abu Dhabi, UAE
bhaumik dot ritam at gmail dot com

André Chailloux
Inria, Paris, France
andre dot chailloux at inria dot fr

Paul Frixons
Inria, Paris, France
Orange Labs, Paris, France
Loria, Nancy, France
paul dot frixons at inria dot fr

Bart Mennink
Radboud University, Nijmegen, The Netherlands
b dot mennink at cs dot ru dot nl

María Naya-Plasencia
Inria, Paris, France
maria dot naya_plasencia at inria dot fr

Abstract

In order to maintain a comparable security level in a post-quantum setting, many symmetric primitives would have to double their key and state sizes. So far, no generic way of doing this is known that provides convincing quantum security guarantees. In this paper we propose a new generic construction, QuEME, that doubles the key and the state size of a block cipher in such a way that a decent level of quantum security is guaranteed. The QuEME design is inspired by the ECB-Mix-ECB (EME) construction, but uses a different choice of mixing function than previous EME-style designs, in order to withstand a new quantum superposition attack that we introduce as a side result: this attack exhibits a periodic property found in collisions and breaks EME and a large class of its variants. We prove that QuEME achieves n-bit security in the classical setting, where n is the block size of the underlying block cipher, and at least (n/6)-bit security in the quantum setting. Finally, we propose a concrete instantiation of this construction, called Double-AES, built from variants of the standardized AES-128 block cipher.



History
Submitted: 2024-04-08
Accepted: 2024-09-02
Published: 2024-10-07
How to cite

Ritam Bhaumik, André Chailloux, Paul Frixons, Bart Mennink, and María Naya-Plasencia, Block Cipher Doubling for a Post-Quantum World. IACR Communications in Cryptology, vol. 1, no. 3, Oct 07, 2024, doi: 10.62056/av4fvua5v.

License

Copyright is held by the author(s)

This work is licensed under a Creative Commons Attribution (CC BY) license.