International Association for Cryptologic Research


CryptoDB

Paul Crowley

Publications

Year
Venue
Title
2018
TOSC
Adiantum: length-preserving encryption for entry-level processors
Paul Crowley, Eric Biggers
We present HBSH, a simple construction for tweakable length-preserving encryption which supports the fastest options for hashing and stream encryption for processors without AES or other crypto instructions, with a provable quadratic advantage bound. Our composition Adiantum uses NH, Poly1305, XChaCha12, and a single AES invocation. On an ARM Cortex-A7 processor, Adiantum decrypts 4096-byte messages at 10.6 cycles per byte, over five times faster than AES-256-XTS, with a constant-time implementation. We also define HPolyC which is simpler and has excellent key agility at 13.6 cycles per byte.
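The HBSH construction behind Adiantum, as an added Python example (not code from the paper or from the Adiantum project). It follows the structure the abstract describes: the last 16-byte block of the message absorbs a hash of the tweak and the rest of the message, a single block-cipher call encrypts that block, the block-cipher output keys a stream cipher over the rest, and the hash of the result is subtracted back out. Every primitive here is a labelled stand-in (assumption): HMAC-SHA256 in place of NH+Poly1305 for the hash, HMAC-SHA256 in counter mode in place of XChaCha12, a 4-round Feistel permutation in place of AES-256, and HMAC-labelled subkey derivation in place of Adiantum's stream-cipher-based key derivation. The demo key and 4096-byte "sector" are constructed inputs.

```python
import hmac
import hashlib

BLOCK = 16  # block-cipher block size in bytes; Adiantum's single block-cipher call is AES-256 on 16 bytes
MASK = (1 << (8 * BLOCK)) - 1  # arithmetic on the 16-byte block is done modulo 2^128


def _prf(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def derive_subkeys(master_key: bytes):
    """Hash, block-cipher and stream-cipher subkeys from one master key.
    Adiantum derives these with the stream cipher; labelled HMAC calls are a stand-in (assumption)."""
    return tuple(_prf(master_key, label) for label in (b"hash", b"block", b"stream"))


def eps_hash(k_h: bytes, tweak: bytes, msg: bytes) -> int:
    """Stand-in for Adiantum's NH + Poly1305 almost-delta-universal hash of (tweak, message):
    truncated HMAC-SHA256 over the length-prefixed tweak and the message, as an integer mod 2^128."""
    data = len(tweak).to_bytes(8, "little") + tweak + msg
    return int.from_bytes(_prf(k_h, data)[:BLOCK], "little")


def block_encrypt(k_e: bytes, block: bytes) -> bytes:
    """Stand-in for AES-256: a 4-round Feistel permutation on two 8-byte halves (HMAC-SHA256 round function)."""
    l, r = block[:8], block[8:]
    for i in range(4):
        l, r = r, _xor(l, _prf(k_e, bytes([i]) + r)[:8])
    return l + r


def block_decrypt(k_e: bytes, block: bytes) -> bytes:
    l, r = block[:8], block[8:]
    for i in reversed(range(4)):
        l, r = _xor(r, _prf(k_e, bytes([i]) + l)[:8]), l
    return l + r


def keystream(k_s: bytes, nonce: bytes, length: int) -> bytes:
    """Stand-in for XChaCha12 keyed by K_S, with the 16-byte block-cipher output as the nonce."""
    out = b""
    counter = 0
    while len(out) < length:
        out += _prf(k_s, nonce + counter.to_bytes(8, "little"))
        counter += 1
    return out[:length]


def hbsh_encrypt(master_key: bytes, tweak: bytes, plaintext: bytes) -> bytes:
    """HBSH: hash P_L into P_R, one block-cipher call, stream-encrypt P_L under that block, hash C_L back out of C_R."""
    if len(plaintext) < BLOCK:
        raise ValueError("HBSH needs at least one block-cipher block of input")
    k_h, k_e, k_s = derive_subkeys(master_key)
    p_l, p_r = plaintext[:-BLOCK], plaintext[-BLOCK:]
    p_m = (int.from_bytes(p_r, "little") + eps_hash(k_h, tweak, p_l)) & MASK
    c_m = block_encrypt(k_e, p_m.to_bytes(BLOCK, "little"))
    c_l = _xor(p_l, keystream(k_s, c_m, len(p_l)))
    c_r = (int.from_bytes(c_m, "little") - eps_hash(k_h, tweak, c_l)) & MASK
    return c_l + c_r.to_bytes(BLOCK, "little")


def hbsh_decrypt(master_key: bytes, tweak: bytes, ciphertext: bytes) -> bytes:
    """Inverse of hbsh_encrypt: each encryption step is invertible given the key, in reverse order."""
    if len(ciphertext) < BLOCK:
        raise ValueError("HBSH needs at least one block-cipher block of input")
    k_h, k_e, k_s = derive_subkeys(master_key)
    c_l, c_r = ciphertext[:-BLOCK], ciphertext[-BLOCK:]
    c_m_int = (int.from_bytes(c_r, "little") + eps_hash(k_h, tweak, c_l)) & MASK
    c_m = c_m_int.to_bytes(BLOCK, "little")
    p_l = _xor(c_l, keystream(k_s, c_m, len(c_l)))
    p_m = int.from_bytes(block_decrypt(k_e, c_m), "little")
    p_r = (p_m - eps_hash(k_h, tweak, p_l)) & MASK
    return p_l + p_r.to_bytes(BLOCK, "little")


def diffusion_check(master_key: bytes, tweak: bytes, plaintext: bytes) -> int:
    """Number of ciphertext bytes that change when the first plaintext bit is flipped:
    a wide-block (length-preserving) cipher changes almost all of them."""
    flipped = bytes([plaintext[0] ^ 1]) + plaintext[1:]
    c1 = hbsh_encrypt(master_key, tweak, plaintext)
    c2 = hbsh_encrypt(master_key, tweak, flipped)
    return sum(a != b for a, b in zip(c1, c2))


if __name__ == "__main__":
    key = bytes(range(32))                          # constructed demo key
    sector = bytes(i & 0xFF for i in range(4096))   # constructed 4096-byte "disk sector"
    ct = hbsh_encrypt(key, b"sector 7", sector)
    assert len(ct) == len(sector) and hbsh_decrypt(key, b"sector 7", ct) == sector
    print("bytes changed by a 1-bit plaintext flip:", diffusion_check(key, b"sector 7", sector))
```

The ciphertext is exactly as long as the plaintext and the tweak (a sector number in disk encryption) changes the whole output, which is what makes the construction usable where no space for a nonce or tag exists. `diffusion_check` illustrates the wide-block property the abstract contrasts with AES-256-XTS: in XTS a one-bit plaintext change alters only the 16-byte block containing it, whereas here it alters nearly every byte of the 4096-byte sector. The stand-in primitives give the structure, not Adiantum's performance or its proven bound; the paper's bound depends on the real hash being almost-delta-universal and on XChaCha12 and AES being secure.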
2006
EPRINT
Improved cryptanalysis of Py
Paul Crowley
We improve on the best known cryptanalysis of the stream cipher Py by using a hidden Markov model for the carry bits in addition operations where a certain distinguishing event takes place, and constructing from it an "optimal distinguisher" for the bias in the output bits which makes more use of the information available. We provide a general means to efficiently measure the efficacy of such a hidden Markov model based distinguisher, and show that our attack improves on the previous distinguisher by a factor of 2^16 in the number of samples needed. Given 2^72 bytes of output we can distinguish Py from random with advantage greater than 1/2, or given only a single stream of 2^64 bytes we have advantage 0.03.
2005
EPRINT
Truncated differential cryptanalysis of five rounds of Salsa20
Paul Crowley
We present an attack on Salsa20 reduced to five of its twenty rounds. This attack uses many clusters of truncated differentials and requires 2^165 work and 2^6 plaintexts.
2001
FSE
2000
FSE

Coauthors

Eric Biggers (1)
Stefan Lucks (1)