Non-Asymptotic 𝑡-Wise Independence of Substitution-Permutation Networks

• dc.contributor.advisor: Vaikuntanathan, Vinod
• dc.contributor.author: Pelecanos, Angelos
• dc.date.issued: 2022-05
• dc.date.submitted: 2022-05-27T16:19:27.212Z
• dc.identifier.uri: https://hdl.handle.net/1721.1/144912
• dc.description.abstract: In this thesis, we study the 𝑡-wise independence of block ciphers following the Substitution-Permutation Network design to prove resilience against cryptanalytic attacks and show non-asymptotic bounds for two widely-used ciphers. There are two main contributions of this thesis. In the first part of this thesis, we study the pairwise independence of AES. Replacing the INV 𝑆-box with an ‘ideal’ variant, we are able to compute tight convergence properties and prove that this ideal AES is pairwise independent in 5 rounds. As a corollary, we show how to simulate the ideal AES variant using the true AES, after silencing parts of some AES rounds. We call the resulting construction censored AES and we prove that it is pairwise independent in 92 rounds. Since this variant is modeled after AES, but does not perform a significant fraction of the mixing steps, we believe that our result is evidence that the true AES is pairwise independent in less than 100 rounds. In the second part of this thesis, we study the 𝑡-wise independence of the MiMC cipher. In particular, we use exponential sums results from algebraic number theory to show that 7𝑡+𝑜(𝑡) rounds of MiMC on a prime order field are 𝑡-wise independent. This result is tight up to constant factors and is the first proof of 𝑡-wise independence for any concrete cipher.
• dc.publisher: Massachusetts Institute of Technology
• dc.type: Thesis
• dc.description.degree: M.Eng.
• dc.contributor.department: Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
• mit.thesis.degree: Master
• thesis.degree.name: Master of Engineering in Electrical Engineering and Computer Science