References of "Cogliati, Benoît-Michel 50025448"
Multi-user Security Bound for Filter Permutators in the Random Oracle Model
Cogliati, Benoît-Michel UL; Tanguy, Titouan UL

in Designs, Codes and Cryptography (2019)

At EUROCRYPT 2016, Méaux et al. introduced a new design strategy for symmetric ciphers for Fully Homomorphic Encryption (FHE), which they dubbed filter permutators. Although less efficient than classical stream ciphers, when used in conjunction with an adequate FHE scheme, they allow constant and small noise growth when homomorphically evaluating the decryption circuit. In this article, we present a security proof up to the birthday bound (with respect to the size of the IV and the size of the key space) for this new structure in the random oracle model and in the multi-user setting. In particular, this result justifies the theoretical soundness of filter permutators. We also provide a related-key attack against all instances of FLIP, a stream cipher based on this design.

Provable Security of (Tweakable) Block Ciphers Based on Substitution-Permutation Networks
Cogliati, Benoît-Michel UL; Dodis, Yevgeniy; Katz, Jonathan et al

in Provable Security of (Tweakable) Block Ciphers Based on Substitution-Permutation Networks (2018)

Substitution-Permutation Networks (SPNs) refer to a family of constructions which build a wn-bit block cipher from n-bit public permutations (often called S-boxes), which alternate keyless and “local” substitution steps utilizing such S-boxes, with keyed and “global” permutation steps which are non-cryptographic. Many widely deployed block ciphers are constructed based on the SPNs, but there are essentially no provable-security results about SPNs. In this work, we initiate a comprehensive study of the provable security of SPNs as (possibly tweakable) wn-bit block ciphers, when the underlying n-bit permutation is modeled as a public random permutation. When the permutation step is linear (which is the case for most existing designs), we show that 3 SPN rounds are necessary and sufficient for security. On the other hand, even 1-round SPNs can be secure when non-linearity is allowed. Moreover, 2-round non-linear SPNs can achieve “beyond-birthday” (up to 2^{2n/3} adversarial queries) security, and, as the number of non-linear rounds increases, our bounds are meaningful for the number of queries approaching 2^n. Finally, our non-linear SPNs can be made tweakable by incorporating the tweak into the permutation layer, and provide good multi-user security. As an application, our construction can turn two public n-bit permutations (or fixed-key block ciphers) into a tweakable block cipher working on wn-bit inputs, 6n-bit key and an n-bit tweak (for any w ≥ 2); the tweakable block cipher provides security up to 2^{2n/3} adversarial queries in the random permutation model, while only requiring w calls to each permutation, and 3w field multiplications for each wn-bit input.

Tweaking a block cipher: multi-user beyond-birthday-bound security in the standard model
Cogliati, Benoît-Michel UL

in Designs, Codes and Cryptography (2018)

In this paper, we present a generic construction to create a secure tweakable block cipher from a secure block cipher. Our construction is very natural, requiring four calls to the underlying block cipher for each call of the tweakable block cipher. Moreover, it is provably secure in the standard model while keeping the security degradation minimal in the multi-user setting. In more detail, if the underlying block cipher E uses n-bit blocks and 2n-bit keys, then our construction is proven secure against multi-user adversaries using up to roughly 2^n time and queries as long as E is a secure block cipher.

New Constructions of MACs from (Tweakable) Block Ciphers
Cogliati, Benoît-Michel UL; Lee, Jooyoung; Seurin, Yannick

in IACR Transactions on Symmetric Cryptology (2017)

We propose new constructions of Message Authentication Codes (MACs) from tweakable or conventional block ciphers. Our new schemes are either stateless and deterministic, nonce-based, or randomized, and provably secure either in the standard model for tweakable block cipher-based ones, or in the ideal cipher model for block cipher-based ones. All our constructions are very efficient, requiring only one call to the underlying (tweakable) block cipher in addition to universally hashing the message. Moreover, the security bounds we obtain are quite strong: they are beyond the birthday bound, and nonce-based/randomized variants provide graceful security degradation in case of misuse, i.e., the security bound degrades linearly with the maximal number of repetitions of nonces/random values.
