IACR News item: 14 February 2014
Yuanxi Dai, John Steinberger
ePrint Reporttimes with itself under independent keys---has received considerable
attention of late from the standpoint of provable security. Despite
these efforts proving definitive security bounds (i.e., with matching
attacks) has remained elusive even for the special case of triple
encryption. In this paper we close the gap by improving both the best
known attacks and best known provable security, so that both bounds
match. Our results apply for arbitrary number of rounds and show that
the security of $\\ell$-round multiple encryption is precisely
$\\exp(\\kappa + \\min\\{\\kappa (\\ell\'-2)/2), n (\\ell\'-2)/\\ell\'\\})$ where
$\\exp(t) = 2^t$ and where $\\ell\' = 2\\lceil \\ell/2\\rceil$ is the even
integer closest to $\\ell$ and greater than or equal to $\\ell$, for all
$\\ell \\geq 1$. Our technique is based on Patarin\'s H-coefficient
method and reuses a combinatorial result of Chen and Steinberger
originally required in the context of key-alternating ciphers.
Additional news items may be found on the IACR news page.