Séminaire de Cryptographie

Paul Frixons

Safely Doubling your Block Ciphers for a Post-Quantum World

In order to maintain a comparable security level in a post-quantum setting, many symmetric primitives would have to double their key sizes and increase their state sizes. So far, no generic way of doing this is known that provides convincing quantum security guarantees. In this talk we propose a new generic construction, QuEME, that doubles both the key size and the state size of a block cipher. For this, we started by considering the ECB-Mix-ECB (EME) construction, but we found a new type of quantum attack on it. We therefore tweaked EME in order to resist these attacks, and we provide several classical and quantum security arguments and analyses for QuEME. We propose a concrete instantiation of this construction using variants of AES-128.