We propose a new cryptographic primitive, the “tweakable block cipher.” Such a cipher has not only the usual inputs – message and cryptographic key – but also a third input, the “tweak.” The tweak serves much the same purpose that an initialization vector does for CBC mode or that a nonce does for OCB mode. Our proposal thus brings this feature down to the primitive block-cipher level, instead of incorporating it only at the higher modes-of-operation levels. We suggest that (1) tweakable block ciphers are easy to design, (2) the extra cost of making a block cipher “tweakable” is small, and (3) it is easier to design and prove modes of operation based on tweakable block ciphers.
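The interface the abstract describes (key, tweak, message) can be built on top of an ordinary block cipher. The following is an added example, not code from the paper or from this page: it implements the XOR-mask construction Ẽ_{K,h}(T, M) = E_K(M ⊕ h(T)) ⊕ h(T), where h is a keyed almost-XOR-universal hash of the tweak (here multiplication by a secret constant in GF(2^64)). That construction and its proof are my own recollection of the full paper, not something the abstract states. The underlying 64-bit block cipher is a constructed toy Feistel network on SHA-256 so the script runs offline with only the standard library; it is a stand-in, not a secure cipher, and the key, tweak values and message are constructed sample inputs.

```python
import hashlib
import struct

BLOCK_BYTES = 8                       # the toy cipher works on 64-bit blocks
ROUNDS = 8
GF64_POLY = (1 << 64) | 0b11011       # x^64 + x^4 + x^3 + x + 1, irreducible over GF(2)


def _round_function(subkey: bytes, half: int) -> int:
    """Feistel round function: first 32 bits of SHA-256(subkey || half)."""
    digest = hashlib.sha256(subkey + struct.pack(">I", half)).digest()
    return struct.unpack(">I", digest[:4])[0]


def _subkeys(key: bytes) -> list:
    return [hashlib.sha256(key + bytes([i])).digest()[:16] for i in range(ROUNDS)]


def toy_encrypt(key: bytes, block: bytes) -> bytes:
    """Constructed toy 64-bit Feistel cipher E_K (insecure, illustration only)."""
    left, right = struct.unpack(">II", block)
    for sk in _subkeys(key):
        left, right = right, left ^ _round_function(sk, right)
    return struct.pack(">II", right, left)   # undo the last swap


def toy_decrypt(key: bytes, block: bytes) -> bytes:
    """Inverse of toy_encrypt: same rounds with the subkeys in reverse order."""
    left, right = struct.unpack(">II", block)
    for sk in reversed(_subkeys(key)):
        left, right = right, left ^ _round_function(sk, right)
    return struct.pack(">II", right, left)


def gf64_mul(a: int, b: int) -> int:
    """Carry-less multiplication in GF(2^64) reduced modulo GF64_POLY."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        b >>= 1
        a <<= 1
        if a >> 64:
            a ^= GF64_POLY
    return result


def _xor(x: bytes, y: bytes) -> bytes:
    return bytes(p ^ q for p, q in zip(x, y))


class TweakableBlockCipher:
    """Tweakable interface: inputs are a secret key, a public tweak and a message block."""

    def __init__(self, key: bytes):
        # Derive independent subkeys for the block cipher and for the hash h.
        self.cipher_key = hashlib.sha256(b"cipher" + key).digest()[:16]
        self.hash_key = int.from_bytes(hashlib.sha256(b"hash" + key).digest()[:8], "big") | 1

    def _mask(self, tweak: bytes) -> bytes:
        """h(T) = hash_key * T in GF(2^64): an almost-XOR-universal hash of the tweak."""
        if len(tweak) != BLOCK_BYTES:
            raise ValueError("tweak must be exactly one block long")
        return gf64_mul(self.hash_key, int.from_bytes(tweak, "big")).to_bytes(BLOCK_BYTES, "big")

    def encrypt(self, tweak: bytes, block: bytes) -> bytes:
        if len(block) != BLOCK_BYTES:
            raise ValueError("block must be exactly one block long")
        mask = self._mask(tweak)
        return _xor(toy_encrypt(self.cipher_key, _xor(block, mask)), mask)

    def decrypt(self, tweak: bytes, block: bytes) -> bytes:
        if len(block) != BLOCK_BYTES:
            raise ValueError("block must be exactly one block long")
        mask = self._mask(tweak)
        return _xor(toy_decrypt(self.cipher_key, _xor(block, mask)), mask)


def demo() -> dict:
    """Same key and message under two tweaks (e.g. two block indices) give different
    ciphertexts; decryption round-trips only with the matching tweak."""
    tbc = TweakableBlockCipher(b"constructed demo key")   # constructed sample key
    message = b"8bytemsg"                                  # constructed sample block
    tweak_a = (0).to_bytes(BLOCK_BYTES, "big")
    tweak_b = (1).to_bytes(BLOCK_BYTES, "big")
    ct_a = tbc.encrypt(tweak_a, message)
    ct_b = tbc.encrypt(tweak_b, message)
    return {
        "distinct_under_different_tweaks": ct_a != ct_b,
        "roundtrip_a": tbc.decrypt(tweak_a, ct_a) == message,
        "roundtrip_b": tbc.decrypt(tweak_b, ct_b) == message,
        "wrong_tweak_fails": tbc.decrypt(tweak_b, ct_a) != message,
    }


if __name__ == "__main__":
    print(demo())
```

The tweak is public and needs no secrecy; what it buys is a fresh, independent-looking permutation for every tweak value under one key, which is what an IV or nonce provides at the mode level. The extra cost per block is one hash of the tweak and two XORs, which is the sense in which the abstract calls tweakability cheap.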
Liskov, M., Rivest, R. L., & Wagner, D. (2002). Tweakable block ciphers. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 2442, pp. 31–46). Springer Verlag. https://doi.org/10.1007/3-540-45708-9_3