Non-Asymptotic 𝑡�-Wise Independence of Substitution-Permutation Networks

Pelecanos, Angelos

Author(s)

Pelecanos, Angelos

DownloadThesis PDF (598.8Kb)

Advisor

Vaikuntanathan, Vinod

Terms of use

In Copyright - Educational Use Permitted Copyright MIT http://rightsstatements.org/page/InC-EDU/1.0/

Metadata

Show full item record

Abstract

In this thesis, we study the 𝑡-wise independence of block ciphers following the Substitution-Permutation Network design to prove resilience against cryptanalytic attacks and show non-asymptotic bounds for two widely-used ciphers. There are two main contributions of this thesis. In the first part of this thesis, we study the pairwise independence of AES. Replacing the INV 𝑆-box with an ‘ideal’ variant, we are able to compute tight convergence properties and prove that this ideal AES is pairwise independent in 5 rounds. As a corollary, we show how to simulate the ideal AES variant using the true AES, after silencing parts of some AES rounds. We call the resulting construction censored AES and we prove that it is pairwise independent in 92 rounds. Since this variant is modeled after AES, but does not perform a significant fraction of the mixing steps, we believe that our result is evidence that the true AES is pairwise independent in less than 100 rounds. In the second part of this thesis, we study the 𝑡-wise independence of the MiMC cipher. In particular, we use exponential sums results from algebraic number theory to show that 7𝑡+𝑜(𝑡) rounds of MiMC on a prime order field are 𝑡-wise independent. This result is tight up to constant factors and is the first proof of 𝑡-wise independence for any concrete cipher.

Date issued

2022-05

URI

https://hdl.handle.net/1721.1/144912

Department

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science

Publisher

Massachusetts Institute of Technology

Collections

Graduate Theses

DSpace@MIT