International Association for Cryptologic Research

CryptoDB

Towards Tight Security of Cascaded LRW2

Authors:
Bart Mennink
DOI: 10.1007/978-3-030-03810-6_8
Conference: TCC 2018
Abstract: The Cascaded LRW2 tweakable block cipher was introduced by Landecker et al. at CRYPTO 2012, and proven secure up to $$2^{2n/3}$$ queries. There has not been any attack on the construction faster than the generic attack in $$2^n$$ queries. In this work we initiate the quest towards a tight bound. We first present a distinguishing attack in $$2n^{1/2}2^{3n/4}$$ queries against a generalized version of the scheme. The attack is supported with an experimental verification and a formal success probability analysis. We subsequently discuss non-trivial bottlenecks in proving tight security, most importantly the distinguisher’s freedom in choosing the tweak values. Finally, we prove that if every tweak value occurs at most $$2^{n/4}$$ times, Cascaded LRW2 is secure up to $$2^{3n/4}$$ queries.
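The abstract names the construction but does not restate it, so the following is an added example, not code from the paper or from CryptoDB. LRW2 (Landecker, Shrimpton and Terashima, CRYPTO 2012) is the tweakable block cipher E~_{K,h}(T, M) = E_K(M xor h(T)) xor h(T) with h an XOR-universal hash, and Cascaded LRW2 runs two independently keyed LRW2 instances in sequence with the same tweak. The Go code below instantiates E with AES-128 (so n = 128) and h with multiplication by a 128-bit key in GF(2^128); both of those instantiation choices, the field polynomial, the 16-byte tweak length and the demo keys are assumptions of this example, not something the page specifies. At n = 128 the abstract's bounds read: proven secure to about 2^85 queries, attacked (in the generalized form) at roughly 2^96 queries, and secure to 2^96 queries provided no single tweak is used more than 2^32 times; the code does not enforce that last condition, a caller relying on the 2^{3n/4} bound would have to.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// fe is an element of GF(2^128) as a 128-bit big-endian integer whose bit i is the
// coefficient of x^i, reduced modulo x^128 + x^7 + x^2 + x + 1 (XTS/CMAC convention).
type fe struct{ hi, lo uint64 }

func feFromBytes(b []byte) fe {
	return fe{binary.BigEndian.Uint64(b[:8]), binary.BigEndian.Uint64(b[8:16])}
}

func (x fe) bytes() []byte {
	out := make([]byte, 16)
	binary.BigEndian.PutUint64(out[:8], x.hi)
	binary.BigEndian.PutUint64(out[8:], x.lo)
	return out
}

// mul is schoolbook multiplication: for every set bit i of y it adds x * x^i, where x
// is multiplied by x each step (shift left, carry out of bit 127 folded back in as 0x87).
func (x fe) mul(y fe) fe {
	var r fe
	for _, word := range [2]uint64{y.lo, y.hi} {
		for i := 0; i < 64; i++ {
			if word>>uint(i)&1 == 1 {
				r.hi, r.lo = r.hi^x.hi, r.lo^x.lo
			}
			carry := x.hi >> 63
			x.hi, x.lo = x.hi<<1|x.lo>>63, x.lo<<1
			if carry == 1 {
				x.lo ^= 0x87
			}
		}
	}
	return r
}

// lrw2 is one LRW2 instance: E~(T, M) = E_K(M xor h(T)) xor h(T), with h(T) = h * T.
type lrw2 struct {
	block cipher.Block
	h     fe
}

func newLRW2(key, h []byte) (*lrw2, error) {
	b, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return &lrw2{block: b, h: feFromBytes(h)}, nil
}

// apply XORs h(T) into the input, runs f (E_K or its inverse) in place, then XORs h(T) again.
func (c *lrw2) apply(t, in []byte, f func(dst, src []byte)) []byte {
	mask := c.h.mul(feFromBytes(t)).bytes()
	x := make([]byte, 16)
	for i := range x {
		x[i] = in[i] ^ mask[i]
	}
	f(x, x)
	for i := range x {
		x[i] ^= mask[i]
	}
	return x
}

func (c *lrw2) encrypt(t, m []byte) []byte  { return c.apply(t, m, c.block.Encrypt) }
func (c *lrw2) decrypt(t, ct []byte) []byte { return c.apply(t, ct, c.block.Decrypt) }

// clrw2 is Cascaded LRW2: two independently keyed LRW2 rounds in series, both given the same tweak T.
type clrw2 struct{ r1, r2 *lrw2 }

func newCLRW2(k1, h1, k2, h2 []byte) (*clrw2, error) {
	r1, err1 := newLRW2(k1, h1)
	r2, err2 := newLRW2(k2, h2)
	if err1 != nil || err2 != nil {
		return nil, fmt.Errorf("CLRW2 key setup: %v %v", err1, err2)
	}
	return &clrw2{r1, r2}, nil
}

func (c *clrw2) encrypt(t, m []byte) []byte  { return c.r2.encrypt(t, c.r1.encrypt(t, m)) }
func (c *clrw2) decrypt(t, ct []byte) []byte { return c.r1.decrypt(t, c.r2.decrypt(t, ct)) }

func main() {
	k := func(b byte) []byte { return bytes.Repeat([]byte{b}, 16) } // constructed, non-secret keys
	c, err := newCLRW2(k(1), k(2), k(3), k(4))
	if err != nil {
		panic(err)
	}
	m, t := []byte("sixteen byte blk"), append(make([]byte, 15), 7)
	ct := c.encrypt(t, m)
	fmt.Printf("ct=%x decrypts back=%v\n", ct, bytes.Equal(c.decrypt(t, ct), m))
}
```

The hash keys h1 and h2 are separate from the AES keys K1 and K2 because the proof model treats the four as independent; reusing a key across the two rounds, or deriving h from K, leaves the setting the abstract's bounds are stated for. The multiplication is constant-time with respect to the tweak but not to h (it branches on bits of y, which is the tweak here); swap the operands if the hash key must stay branch-free.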
BibTeX
@inproceedings{tcc-2018-29034,
  title={Towards Tight Security of Cascaded LRW2},
  booktitle={Theory of Cryptography},
  series={Theory of Cryptography},
  publisher={Springer},
  volume={11240},
  pages={192-222},
  doi={10.1007/978-3-030-03810-6_8},
  author={Bart Mennink},
  year=2018
}