New Approach towards Generalizing Feistel Networks and Its Provable Security

This paper proposes a new approach to generalizing Feistel networks, which unifies the classical (balanced) Feistel network and the Lai–Massey structure. We call the new structure extended Feistel (E-Feistel) network. To justify its soundness, we investigate its indistinguishability using Patarin’s H-coefficient technique. As a result, it is proved that the 4-round key-alternating E-Feistel (KAEF) cipher with adequately derived keys and identical round functions is secure up to 2 n / 2 queries, i.e., birthday-bound security. In addition, when adjacent round keys are independent and independent round functions are used, the 6-round KAEF is secure up to beyond-birthday-bound 2 2 n / 3 queries. Our results indicate that the E-Feistel structure is secure and reliable and can be adopted in designing practical block ciphers.

Provable Security of SP Networks with Partial Non-Linear Layers

Motivated by the recent trend towards low multiplicative complexity blockciphers (e.g., Zorro, CHES 2013; LowMC, EUROCRYPT 2015; HADES, EUROCRYPT 2020; MALICIOUS, CRYPTO 2020), we study their underlying structure partial SPNs, i.e., Substitution-Permutation Networks (SPNs) with parts of the substitution layer replaced by an identity mapping, and put forward the first provable security analysis for such partial SPNs built upon dedicated linear layers. For different instances of partial SPNs using MDS linear layers, we establish strong pseudorandom security as well as practical provable security against impossible differential attacks. By extending the well-established MDS code-based idea, we also propose the first principled design of linear layers that ensures optimal differential propagation. Our results formally confirm the conjecture that partial SPNs achieve the same security as normal SPNs while consuming less non-linearity, in a well-established framework.

A secure and highly efficient first-order masking scheme for AES linear operations

Due to its provable security and remarkable device-independence, masking has been widely accepted as a noteworthy algorithmic-level countermeasure against side-channel attacks. However, relatively high cost of masking severely limits its applicability. Considering the high tackling complexity of non-linear operations, most masked AES implementations focus on the security and cost reduction of masked S-boxes. In this paper, we focus on linear operations, which seems to be underestimated, on the contrary. Specifically, we discover some security flaws and redundant processes in popular first-order masked AES linear operations, and pinpoint the underlying root causes. Then we propose a provably secure and highly efficient masking scheme for AES linear operations. In order to show its practical implications, we replace the linear operations of state-of-the-art first-order AES masking schemes with our proposal, while keeping their original non-linear operations unchanged. We implement four newly combined masking schemes on an Intel Core i7-4790 CPU, and the results show they are roughly 20% faster than those original ones. Then we select one masked implementation named RSMv2 due to its popularity, and investigate its security and efficiency on an AVR ATMega163 processor and four different FPGA devices. The results show that no exploitable first-order side-channel leakages are detected. Moreover, compared with original masked AES implementations, our combined approach is nearly 25% faster on the AVR processor, and at least 70% more efficient on four FPGA devices.

SIEA: Secure Image Encryption Algorithm Based on Chaotic Systems Optimization Algorithms and PUFs

One of the general problems in modern digital society is undoubtedly the information security topic. It is critical to ensure the security of information transferred, processed, and stored throughout digital channels. Among this information, digital images draw attention in terms of frequency of use in digital channels. In this study, a new image encryption algorithm is proposed to address the security problems of digital images. The aspect that differentiates the proposed algorithm from thousands of image encryption algorithms in the literature is that it is designed within the framework of the provable security design principle. The provable security design approach has ensured that the proposed algorithm is theoretically secure with mathematical proof techniques. In addition to addressing the proposed architecture security concerns, the hybrid random number generator used as the key generator constitutes another unique aspect. This generator, which was designed using chaotic systems, physical unclonable functions, and optimization algorithms, stands out as the innovative aspect of the study. The statistical randomness properties of the proposed random number generator were tested using the NIST SP 800-22 Statistical Test Suite. Successful results were obtained for 15 tests in the test package. In addition, the success of these outputs was tested on a new image encryption algorithm. The security of the proposed algorithm was tested from different angles using various experimental analyzes and a 12-step provable security analysis roadmap. Successful analysis results and performance measurements indicate that the proposed cryptographic components can be used in many information security applications and many future designs.

Provably Quantum-Secure Tweakable Block Ciphers

Recent results on quantum cryptanalysis show that some symmetric key schemes can be broken in polynomial time even if they are proven to be secure in the classical setting. Liskov, Rivest, and Wagner showed that secure tweakable block ciphers can be constructed from secure block ciphers in the classical setting. However, Kaplan et al. showed that their scheme can be broken by polynomial time quantum superposition attacks, even if underlying block ciphers are quantum-secure. Since then, it remains open if there exists a mode of block ciphers to build quantum-secure tweakable block ciphers. This paper settles the problem in the reduction-based provable security paradigm. We show the first design of quantum-secure tweakable block ciphers based on quantum-secure block ciphers, and present a provable security bound. Our construction is simple, and when instantiated with a quantum-secure n-bit block cipher, it is secure against attacks that query arbitrary quantum superpositions of plaintexts and tweaks up to O(2n/6) quantum queries. Our security proofs use the compressed oracle technique introduced by Zhandry. More precisely, we use an alternative formalization of the technique introduced by Hosoyamada and Iwata.