Séminaire de Cryptographie

Accueil     Présentation     Archives

Itai Dinur

Key Recovery Attacks on 3-round Even-Mansour

The Even-Mansour (EM) encryption scheme received a lot of attention in the last couple of years due to its exceptional simplicity and tight security proofs. The original $1$-round construction was naturally generalized into $r$-round structures with one key, two alternating keys, and completely independent keys.

In this talk I will describe the first key recovery attack on the one-key 3-round version of EM which is faster than exhaustive search. I will then show how to use the new cryptanalytic techniques in order to improve the best known attacks on several concrete EM-like schemes such as the block cipher LED.

The talk will be mostly self-contained and intended to a wide audience.

Based on joint work with Orr Dunkelman, Nathan Keller and Adi Shamir.