Questions tagged [permutation]
A way, esp. one of several possible variations, in which a set or number of things can be ordered or arranged.
186 questions
3 votes, 2 answers, 113 views
What are advantages/disadvantages of an invertible tweak schedule in a tweakable block cipher?
I have been doing research on a tweakable block cipher called BipBip. This is a rather niche cipher so I'll give a few facts about it for background before asking my question:
The structure is based ...
0 votes, 0 answers, 47 views
I'm curious on what the downsides of the public-key encryption method from my research project could be
As part of my final BS degree research project, I had to work with an encryption method based on research done in my university. What surprised me, is that while the method is very simple, I can't ...
0 votes, 0 answers, 40 views
How to attack the shuffling of correlated numbers?
Suppose I have a function that accepts vector input $x$ and outputs vector $y=f(x)$. I want to protect the output $y$ through shuffling numbers in it. I hope the shuffling can confuse the attacker by ...
0 votes, 0 answers, 44 views
Inverse Permutation in Sequential Manner Per-XOR ($P_x^{-1}$)
I'm trying to understand a protocol proposed in a research paper. There is a step that involves computing inverse Per-XOR. The explanation along with solved example is given below:
"Perform ...
0 votes, 1 answer, 74 views
Per-XOR computation
I have an assignment where I have to understand a protocol proposed in a research paper. The first step involves computing Per-XOR, but I can't seem to understand the explanation given. Below is the ...
2 votes, 1 answer, 68 views
Rationale for BLAKE2 message schedule?
BLAKE2 uses a message schedule I did not see before. It uses permutations of pieces of the message block.
The BLAKE2 book did not state the rationale for such a choice and how it contrasts with the ...
4 votes, 0 answers, 107 views
Impossibility of uniform generation in random world
I was reading Limits on the provable consequences of one way permutations by Impagliazzo and Rudich when I got stuck on a sentence.
First of all, they define a polynomial relation that is any relation ...
0 votes, 1 answer, 155 views
What is the inverse of this variant of the Gimli SP-box?
Consider a slightly modified variant of the Gimli SP-box:
...
0 votes, 0 answers, 110 views
What is the AEGIS design rationale for one way rounds and slow diffusion?
The AEGIS reference document doesn't specify why the authors chose a slow diffusion process and a one way round transformation.
As you can see the previous state is XORed with AES applied to itself ...
4 votes, 1 answer, 144 views
How is the Full-State Keyed duplex useful?
In the Full-State Keyed duplex (sponge construction AEAD), plaintext is absorbed into the entire state of the sponge permutation but only a portion of the output can be used else the scheme breaks (...
2 votes, 1 answer, 244 views
Why doesn't ChaCha use a 512bit key and xor parameters into it?
ChaCha has clear delineations between key, nonce, counter and constants.
What is the reason for not using a XEX-like ($k=0$) approach such that the ChaCha key is 512 bits and all the other things are ...
3 votes, 0 answers, 96 views
A 5-bit S-Box whose differential branch number is equal to 4 and the linear branch number is not less than 3
The last paragraph of Section 1 (Introduction) of the paper “On the Relationship between Resilient Boolean Functions and Linear Branch Number of S-boxes” [S. Sarkar, K. Mandal, D. Saha] contains the ...
1 vote, 1 answer, 115 views
Worst-case one-way permutations under P different from NP
This is probably obvious, but I cannot find it anywhere, since all textbooks define OWFs for average-case hardness.
Do we know if worst-case one-way permutations exist assuming $\mathbf{P} \neq \...
1 vote, 2 answers, 237 views
Sponge construction versus Merkle-Damgard For Hashing based on the very same primitive
I am a bit confused about Sponge construction and Merkle-Damgard-style ones for hashing. The only advantage I see for sponge construction is that they are secure against length extension attacks. So ...
1 vote, 0 answers, 34 views
Secure ciphersuite from security-wise sub-optimal unkeyed permutation?
Hypothetically,
IF we were to create a SSL/TLS or QUIC ciphersuite from a single (unkeyed) permutation operating in sponge mode to provide hashing and duplex mode to provide AEAD cipher,
AND IF the ...