MARC details
| 000 -LEADER |
|---|
| fixed length control field |
05807nam a22003617a 4500 |
| 001 - CONTROL NUMBER |
|---|
| control field |
th611 |
| 003 - CONTROL NUMBER IDENTIFIER |
|---|
| control field |
ISI Library, Kolkata |
| 005 - DATE AND TIME OF LATEST TRANSACTION |
|---|
| control field |
20250924150706.0 |
| 008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION |
|---|
| fixed length control field |
250106b |||||||| |||| 00| 0 eng d |
| 040 ## - CATALOGING SOURCE |
|---|
| Original cataloging agency |
ISI Library |
| Language of cataloging |
English |
| 082 04 - DEWEY DECIMAL CLASSIFICATION NUMBER |
|---|
| Edition number |
23rd |
| Classification number |
005.8 |
| Item number |
Sa131 |
| 100 1# - MAIN ENTRY--PERSONAL NAME |
|---|
| Personal name |
Saha, Abishanka |
| Relator term |
author |
| 245 10 - TITLE STATEMENT |
|---|
| Title |
Mirror theory and its applications in crypography/ |
| Statement of responsibility, etc |
Abishanka Saha |
| 260 ## - PUBLICATION, DISTRIBUTION, ETC. (IMPRINT) |
|---|
| Place of publication, distribution, etc |
Kolkata: |
| Name of publisher, distributor, etc |
Indian Statistical Institute, |
| Date of publication, distribution, etc |
2024 |
| 300 ## - PHYSICAL DESCRIPTION |
|---|
| Extent |
xxi, 205 pages, |
| 502 ## - DISSERTATION NOTE |
|---|
| Dissertation note |
Thesis (Ph.D) - Indian Statistical Institute, 2024 |
| 504 ## - BIBLIOGRAPHY, ETC. NOTE |
|---|
| Bibliography, etc |
Includes bibliography |
| 505 0# - FORMATTED CONTENTS NOTE |
|---|
| Formatted contents note |
Foundations -- Introduction -- Defining security -- H-technique -- <br/>Results and proofs -- The mirror theory problem -- Toying with CMTP -- CMTP for ξmax = 2 -- CMTP for general ξmax -- BMTP for ξmax = 2 -- BMTP in tweakable permutation setting -- Preliminaries for the RMTP problem -- Regular partite RMTP -- Compete RMTP -- <br/>Motivations and applications -- Applications of complete and bipartite mirror theory for ξmax =<br/>2 -- 109<br/>13.1 XOR1 construction: Applications of CMTP for ξmax = 2 -- Cryptographic applications of theorem -- Application of theorem 9.1 : lrw+ -- Application of theorem 11.1 : sum of r even-mansour -- Application of theorem 12.1 : 1k-dbhts -- <br/>Reflections -- Conclusion and future directions -- <br/>Appendix |
| 508 ## - CREATION/PRODUCTION CREDITS NOTE |
|---|
| Creation/production credits note |
Guided by Prof. Mridul Nandi |
| 520 ## - SUMMARY, ETC. |
|---|
| Summary, etc |
The indistinguishability security of a cryptographic construction refers to the maximum advantage of an interactive adversary to distinguish between the real and ideal world, where in the real world it interacts with the construction, and in the ideal world it interacts with its idealized counterpart. In the field of information-theoretic provable security, we bound this indistinguishability advantage by the statistical distance between the random variables representing the transcript of interaction in the real and ideal worlds, respectively. One of the most popular techniques in bounding the statistical distance is the H-Coefficient Technique introduced by J. Patarin, for which a set of transcripts is identified as good, and the probability of realizing such a good transcript in the real world is lower-bounded. For numerous constructions in practice, lower-bounding this real-world interpolation probability reduces to lower-bounding the number of solutions to a system of equations and non-equations over a field. The theory of achieving optimum lower bounds to a system of equations and non-equations is termed Mirror Theory by J. Patarin. Although several Mirror Theory statements have been conjectured and profusely used in beyond-birthday bound analysis of a multitude of constructions, the proofs of such statements are either non-existent or at least have significant non-verifiable gaps. <br/><br/>In this thesis, we have presented the first simple verifiable proofs of several variants of Mirror Theory and applied them to security analyses of various cryptographic schemes.<br/><br/>As our first contribution, we proved that the number of pairwise disjoint solutions to a system of bivariate equations over n-bit variables, such that no two equations share any common variable, is at least the average number of such solutions. This translates via the H-coefficient technique to the n-bit security for the sum of permutations PRF constructions. <br/><br/>As our second contribution, we show that the number of pairwise disjoint solutions to a system of bivariate equations over n-bit variables, which even has quite a large block-maximality, is at least the average number of such solutions. Here block-maximality of a system of equations refers to the maximum number of variables that get determined when one variable is assigned a particular value. Note that, in our previous simpler result the block-maximality was just two. This translates via the H-coefficient technique to the n-bit security for several PRF constructions, like XORP[w], 2k-HtmB-p2, and the PRP construction, six-round Feistel network. <br/><br/>As our third contribution, we have used a Mirror Theory statement in the tweakable permutation setting, where the variables are partitioned into two sets and solutions need to be pairwise disjoint within the two sets only, to prove 3n/4-bit security of the tweakable blockcipher construction paradigm, LRW+, proposed by us, that includes as subcases the CLRW2 and 4LRW1 constructions proposed in the seminal paper of Liskov, Rivest, and Wagner. The LRW+ paradigm was proposed to achieve beyond-birthday-bound security, as we have given a birthday-bound attack on the TNT or 3LRW1 construction, disproving the long-held belief that the latter is beyond-birthday-bound tweakable blockcipher. <br/><br/>Finally, as our fourth contribution, we have given a lower bound to the number of solutions (which are pairwise disjoint within a partition of the variables) to a system of equations (need not be bivariate) where the solutions are not allowed to take values in certain forbidden sets. We have used this variant of Mirror Theory to prove optimal 3n/4-security of single key variants of double-block-hash-then-sum MAC constructions, like 1k-LightMAC+, 1k-PMAC+, and the PRF construction, sum of k Even-Mansour. <br/><br/>Several of the security proofs mentioned above are indeed tight. |
| 650 #4 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name as entry element |
Cryptography |
| 650 #4 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name as entry element |
Mirror Theory |
| 650 #4 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name as entry element |
Pseudorandom Functions |
| 650 #4 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name as entry element |
Pseudorandom Permutations |
| 650 #4 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name as entry element |
Beyond-birthday-bound Security |
| 650 #4 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name as entry element |
Random Oracle Model |
| 650 #4 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name as entry element |
H Coefficient Technique |
| 650 #4 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name as entry element |
System of Equations and Non-equations |
| 650 #4 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name as entry element |
Tweakable Blockciphers |
| 650 #4 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name as entry element |
Information-theoretic Security |
| 856 ## - ELECTRONIC LOCATION AND ACCESS |
|---|
| Uniform Resource Identifier |
<a href="http://dspace.isical.ac.in:8080/jspui/handle/10263/7483">http://dspace.isical.ac.in:8080/jspui/handle/10263/7483</a> |
| Link text |
Full Text |
| 942 ## - ADDED ENTRY ELEMENTS (KOHA) |
|---|
| Source of classification or shelving scheme |
Dewey Decimal Classification |
| Koha item type |
THESIS |
