CryptoDB
TNT: How to Tweak a Block Cipher
| Authors: |
|
|---|---|
| Download: |
|
| Conference: | EUROCRYPT 2020 |
| Abstract: | In this paper, we propose Tweak-aNd-Tweak (TNT for short) mode, which builds a tweakable block cipher from three independent block ciphers. TNT handles the tweak input by simply XOR-ing the unmodified tweak into the internal state of block ciphers twice. Due to its simplicity, TNT can also be viewed as a way of turning a block cipher into a tweakable block cipher by dividing the block cipher into three chunks, and adding the tweak at the two cutting points only. TNT is proven to be of beyond-birthday-bound $2^{2n/3}$ security, under the assumption that the three chunks are independent secure $n$-bit SPRPs. It clearly brings minimum possible overhead to both software and hardware implementations. To demonstrate this, an instantiation named TNT-AES with 6, 6, 6 rounds of AES as the underlying block ciphers is proposed. Besides the inherent proven security bound and tweak-independent rekeying feature of the TNT mode, the performance of TNT-AES is comparable with all existing TBCs designed through modular methods. |
Video from EUROCRYPT 2020
BibTeX
@inproceedings{eurocrypt-2020-30223,
title={TNT: How to Tweak a Block Cipher},
booktitle={39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, May 10–14, 2020, Proceedings},
series={Lecture Notes in Computer Science},
publisher={Springer},
keywords={AES;tweakable block cipher;$\\chi^2$ method;proof},
volume={12105},
doi={10.1007/978-3-030-45724-2_22},
author={Zhenzhen Bao and Chun Guo and Jian Guo and Ling Song},
year=2020
}