International Association for Cryptologic Research (IACR)
Abstract
Tweakable HCTR is an tweakable enciphering proposed by Dutta and Nandi in Indocrypt 2018. It provides beyond birthday bound security when each tweak value is not used too frequently. More importantly for this note, its security bound degrades linearly with the maximum input length. We show in this note that this is not true by showing a single query distinguisher with advantage O(l2/2n) where l is the length of that query. The distinguisher does not break the beyond-birthday-bound claim but gives higher advantage than the claimed bound
