Sciweavers

FSE
2008
Springer

An Improved Security Bound for HCTR

14 years 2 months ago
An Improved Security Bound for HCTR
HCTR was proposed by Wang, Feng and Wu in 2005. It is a mode of operation which provides a tweakable strong pseudorandom permutation. Though HCTR is quite an efficient mode, the authors showed a cubic security bound for HCTR which makes it unsuitable for applications where tweakable strong pseudorandom permutations are required. In this paper we show that HCTR has a better security bound than what the authors showed. We prove that the distinguishing advantage of an adversary in distinguishing HCTR and its inverse from a random permutation and its inverse is bounded above by 4.52 /2n , where n is the block-length of the block-cipher and is the number of n-block queries made by the adversary (including the tweak).
Debrup Chakraborty, Mridul Nandi
Added 26 Oct 2010
Updated 26 Oct 2010
Type Conference
Year 2008
Where FSE
Authors Debrup Chakraborty, Mridul Nandi
Comments (0)