## CryptoDB

### Paper: The MALICIOUS Framework: Embedding Backdoors into Tweakable Block Ciphers

Authors: haoyang wang , School of Physical and Mathematical Sciences, Nanyang Technological University, Singapore thomas peyrin , School of Physical and Mathematical Sciences, Nanyang Technological University, Singapore DOI: http://dx.doi.org/10.1007/978-3-030-56877-1_9 (login may be required) Search ePrint Search Google CRYPTO 2020 Inserting backdoors in encryption algorithms has long seemed like a very interesting, yet difficult problem. Most attempts have been unsuccessful for symmetric-key primitives so far and it remains an open problem of how to build such ciphers. In this work, we propose the MALICIOUS framework, a new method to build tweakable block ciphers that have a backdoor hidden, which allows to retrieve the secret key. Our backdoor is differential in nature: a specific related-tweak differential path with high probability is hidden during design phase of the cipher. We explain how the backdoor can be used to practically recover the secret key of a user for any entity knowing the backdoor and we also argue why even knowing the presence of the backdoor and the workings of the cipher will not permit to retrieve the backdoor for an external user. We analyze the security of our construction in the classical black-box model and we show that retrieving the backdoor (the hidden high-probability differential path) is very difficult. We instantiate our framework by proposing the LowMC-M construction, a new family of tweakable block ciphers based on instances of the LowMC cipher, which allow such backdoor embedding. Generating LowMC-M instances is trivial and the LowMC-M family has basically the same efficiency as the LowMC instances it is based on.
##### BibTeX
@inproceedings{crypto-2020-30529,
title={The MALICIOUS Framework: Embedding Backdoors into Tweakable Block Ciphers},
publisher={Springer-Verlag},
doi={http://dx.doi.org/10.1007/978-3-030-56877-1_9},
author={haoyang wang and thomas peyrin},
year=2020
}