| Itai Dinur |  |
 |
Date de l'exposé : 22 novembre 2013
Key Recovery Attacks on 3-round Even-Mansour
The Even-Mansour (EM) encryption scheme received a lot of attention in the last couple of years due to its exceptional simplicity and tight security proofs. The original $1$-round construction was naturally generalized into $r$-round structures with one key, two alternating keys, and completely independent keys.In this talk I will describe the first key recovery attack on the one-key 3-round version of EM which is faster than exhaustive search. I will then show how to use the new cryptanalytic techniques in order to improve the best known attacks on several concrete EM-like schemes such as the block cipher LED.
The talk will be mostly self-contained and intended to a wide audience.
Based on joint work with Orr Dunkelman, Nathan Keller and Adi Shamir.
