DEI/CISUC Seminars
April 18, Wednesday,
13h (sharp),
Room A.5.4. DEI-FCTUC
Invited Speaker: Samuel Neves
Title: "Optimal PRFs from Blockcipher Designs"
Abstract: Cryptographic modes of operation built on top of a block cipher usually rely on the assumption that the block cipher behaves like a pseudorandom permutation (PRP). For many of these modes, such as counter mode and GCM, stronger security guarantees could be derived if they were instead based on a pseudorandom function (PRF). Very few dedicated PRF designs exist in the literature, however; it consists mainly of permutation proposals.
We propose FastPRF, a heuristic method of transforming a dedicated block cipher design into a dedicated PRF design. Intuitively, the method consists of evaluating the block cipher once, with one or more intermediate state values fed forward into the output. It closely resembles the recent optimally secure EDMD construction, but the use of internal state values makes EDMD's security analysis formally inapplicable.
In addition, we propose the concrete instantiation AES-PRF---AES with a feed-forward of the middle state---and argue that it achieves close to optimal security. We apply the AES-PRF design to GCM and GCM-SIV, and demonstrate how this comes with significant security improvements.
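The construction described in the abstract, as an added example that is not part of the announcement or of the paper's own code: a from-scratch AES-128 (so the intermediate state is reachable, which library APIs do not expose) and AES-PRF on top of it. It assumes the feed-forward is taken from the state right after round 5's AddRoundKey.

```python
# Added example (not the seminar's or paper's code): compact AES-128 plus the AES-PRF
# of the abstract: AES output XOR the state after round 5 (assumed: after AddRoundKey).
def xtime(b):  # multiply by x in GF(2^8) modulo the AES polynomial
    return ((b << 1) ^ 0x1B) & 0xFF if b & 0x80 else b << 1
def gmul(a, b):  # general GF(2^8) multiplication
    r = 0
    while b:
        r ^= a if b & 1 else 0
        a, b = xtime(a), b >> 1
    return r
def _sbox_entry(x):  # multiplicative inverse, then the AES affine map
    inv = s = next((y for y in range(1, 256) if gmul(x, y) == 1), 0)
    for _ in range(4):
        inv = ((inv << 1) | (inv >> 7)) & 0xFF
        s ^= inv
    return s ^ 0x63
SBOX = [_sbox_entry(x) for x in range(256)]

def expand_key(key):  # AES-128 key schedule: 11 round keys as column-major bytes
    w, rcon = [list(key[i:i + 4]) for i in range(0, 16, 4)], 1
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:  # RotWord, SubWord, Rcon
            t, rcon = [SBOX[t[1]] ^ rcon, SBOX[t[2]], SBOX[t[3]], SBOX[t[0]]], xtime(rcon)
        w.append([w[i - 4][j] ^ t[j] for j in range(4)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

def mix_columns(s):
    cols = [s[4 * c:4 * c + 4] for c in range(4)]
    return [gmul(2, a[i]) ^ gmul(3, a[(i + 1) % 4]) ^ a[(i + 2) % 4] ^ a[(i + 3) % 4]
            for a in cols for i in range(4)]

def aes128_with_middle(key, block):
    """Encrypt one 16-byte block; return (ciphertext, state after round 5)."""
    rk = expand_key(key)
    s, middle = [b ^ k for b, k in zip(block, rk[0])], None
    for rnd in range(1, 11):
        s = [SBOX[b] for b in s]                                             # SubBytes
        s = [s[((c + r) % 4) * 4 + r] for c in range(4) for r in range(4)]  # ShiftRows
        if rnd < 10:
            s = mix_columns(s)                                               # MixColumns
        s = [b ^ k for b, k in zip(s, rk[rnd])]                              # AddRoundKey
        if rnd == 5:
            middle = bytes(s)  # the fed-forward "middle state"
    return bytes(s), middle

def aes_prf(key, block):
    """AES-PRF: ciphertext XOR middle state; the result is no longer invertible."""
    ct, mid = aes128_with_middle(key, block)
    return bytes(a ^ b for a, b in zip(ct, mid))
```

The plain AES path can be checked against the FIPS-197 and SP 800-38A test vectors, and the round-5 state against the round-by-round trace in FIPS-197 Appendix C.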
Short bio: Samuel Neves is a PhD student at the Department of Informatics Engineering of the University of Coimbra. His main research interests lie in the design, analysis, and efficient implementation of cryptographic primitives. He was involved in, among other things, the design and analysis of the BLAKE2 hash function and the NORX authenticated encryption algorithm, as well as the practical cryptanalysis of the Open Smart Grid Protocol's message authentication function.