20 research outputs found

    OleF: an Inverse-Free Online Cipher. An Online SPRP with an Optimal Inverse-Free Construction

    Online ciphers, in spite of being insecure against an sprp adversary, can be desirable at places because of their ease of implementation and speed. Here we propose a single-keyed inverse-free construction that achieves online sprp security with an optimal number of blockcipher calls. We also include a partial block construction, without requiring any extra key

    Revisiting Turning Online Cipher Off

    In 'Turning Online Ciphers Off', a class of constructions was defined based on layers of secure online ciphers interleaved with simple mixing layers (like reversing and block-shifting). Here we show that an SPRP construction proposed in the work cited is insecure. However, the same construction is secure under the assumption that the underlying constructions are online-but-last ciphers. We include a simpler proof for beyond-birthday security of other constructions proposed in the same work.

    A Sponge-Based PRF with Good Multi-user Security

    Both multi-user PRFs and sponge-based constructions have generated a lot of research interest lately. Dedicated analyses for multi-user security have improved the bounds a long distance from the early generic bounds obtained through hybrid arguments, yet the bounds generally don't allow the number of users to be more than birthday-bound in key-size. Similarly, known sponge constructions suffer from being only birthday-bound secure in terms of their capacity. We present in this paper Muffler, a multi-user PRF built from a random permutation using a full-state sponge with feed-forward, which uses a combination of the user keys and unique user IDs to solve both the problems mentioned by improving the security bounds for multi-user constructions and sponge constructions. For D construction query blocks and T permutation queries, with key-size κ = n/2 and tag-size τ = n/2 (where n is the state-size or the size of the underlying permutation), both D and T must touch the birthday bound in n in order to distinguish Muffler from a random function.

    Offset-Based BBB-Secure Tweakable Block-ciphers with Updatable Caches

    A nonce-respecting tweakable blockcipher is the building-block for the OCB authenticated encryption mode. An XEX-based TBC is used to process each block in OCB. However, XEX can provide at most birthday bound privacy security, whereas in Asiacrypt 2017, beyond-birthday-bound (BBB) forging security of OCB3 was shown by Bhaumik and Nandi. In this paper we study how at a small cost we can construct a nonce-respecting BBB-secure tweakable blockcipher. We propose the OTBC-3 construction, which maintains a cache that can be easily updated when used in an OCB-like mode. We show how this can be used in a BBB-secure variant of OCB with some additional keys and a few extra blockcipher calls but roughly the same amortised rate

    Eutetrarhynchid trypanorhynchs (Cestoda) from elasmobranchs off Argentina, including the description of Dollfusiella taminii sp. n. and Parachristianella damiani sp. n., and amended description of Dollfusiella vooremi (São Clemente et Gomes, 1989)

    During a parasitological survey of teleosts and elasmobranchs in the Argentine Sea, 3 species of eutetrarhynchids were collected from the batoids Myliobatis goodei Garman and Psammobatis bergi Marini, and the shark Mustelus schmitti Springer. The specimens collected from Mu. schmitti were identified as Dollfusiella vooremi (São Clemente et Gomes, 1989), whereas the specimens from My. goodei and Ps. bergi resulted in new species of Dollfusiella Campbell et Beveridge, 1994 and Parachristianella Dollfus, 1946, respectively. Dollfusiella taminii sp. n. from Ps. bergi is characterised by a distinct basal armature with basal swelling and a heteroacanthous homeomorphous metabasal armature with 7–9 falcate hooks per principal row. Parachristianella damiani sp. n. from My. goodei lacks a distinct basal armature, having 2–3 initial rows of uncinate hooks, a heteroacanthous heteromorphous metabasal armature with the first principal row of small hooks, followed by rows with 10–14 large hooks. This is the first record of Parachristianella in the southwestern Atlantic. The amended description of D. vooremi includes the detailed description of the tentacular armature, including SEM micrographs of all tentacular surfaces. This species is characterised by a basal armature consisting of rows of uncinate and falcate hooks, a basal swelling and a metabasal armature with billhooks on the antibothrial surface and uncinate hooks on the bothrial surface. The scolex peduncle of D. vooremi is covered with enlarged spinitriches. This species is restricted to carcharhiniform sharks, since the report of D. vooremi in Sympterygia bonapartii Müller et Henle off Bahía Blanca (Argentina) is dubious.
    Fil: Menoret, Adriana. Consejo Nacional de Investigaciones Científicas y Técnicas. Oficina de Coordinación Administrativa Ciudad Universitaria. Instituto de Biodiversidad y Biología Experimental y Aplicada. Universidad de Buenos Aires. Facultad de Ciencias Exactas y Naturales. Instituto de Biodiversidad y Biología Experimental y Aplicada; Argentina
    Fil: Ivanov, Veronica Adriana. Consejo Nacional de Investigaciones Científicas y Técnicas. Oficina de Coordinación Administrativa Ciudad Universitaria. Instituto de Biodiversidad y Biología Experimental y Aplicada. Universidad de Buenos Aires. Facultad de Ciencias Exactas y Naturales. Instituto de Biodiversidad y Biología Experimental y Aplicada; Argentina

    The Iterated Random Function Problem

    At CRYPTO 2015, Minaud and Seurin introduced and studied the iterated random permutation problem, which is to distinguish the r-th iterate of a random permutation from a random permutation. In this paper, we study the closely related iterated random function problem, and prove the first almost-tight bound in the adaptive setting. More specifically, we prove that the advantage to distinguish the r-th iterate of a random function from a random function using q queries is bounded by O(q²r(log r)³/N), where N is the size of the domain. In previous work, the best known bound was O(q²r²/N), obtained as a direct result of interpreting the iterated random function problem as a special case of CBC-MAC based on a random function. For the iterated random function problem, the best known attack has an advantage of Ω(q²r/N), showing that our security bound is tight up to a factor of (log r)³.