Tweakable Block Ciphers

We propose a new cryptographic primitive, the “tweakable block cipher.” Such a cipher has not only the usual inputs—message and cryptographic key—but also a third input, the “tweak.” The tweak serves much the same purpose that an initialization vector does for CBC mode or that a nonce does for OCB mode. Our proposal thus brings this feature down to the primitive block-cipher level, instead of incorporating it only at the higher modes-of-operation levels. We suggest that (1) tweakable block ciphers are easy to design, (2) the extra cost of making a block cipher “tweakable” is small, and (3) it is easier to design and prove modes of operation based on tweakable block ciphers.
Moses Liskov, Ronald L. Rivest, David Wagner
Added: 15 Sep 2011
Updated: 15 Sep 2011
Type: Journal
Year: 2011
Where: JOC
Authors: Moses Liskov, Ronald L. Rivest, David Wagner