Provable Security in Idealised Models

Abstract

This thesis is a compilation of provable security analyses of various cryptographic constructions in idealised models. The first construction examined is the ABR hash. We revisit the existing proof of the ABR hash in the random oracle model and identify significant errors in the proof. Although we are unable to correct the original proof, we establish the security of the ABR tree of height 3 from scratch, addressing the first non-trivial case. As our second contribution, we conduct a tight and comprehensive security analysis of the Ascon AEAD mode in the random permutation model. We show that the efficiency of Ascon can be increased by 50%, and the tag size can be halved without losing any security. In the third contribution, we extend our security analysis of Ascon to the multiuser setting, providing tight security bounds for both nonce-respecting and noncemisuse adversaries. Additionally, we propose LK-Ascon, a variant of Ascon with a key size of up to 256 bits, offering improved multi-user security compared to Ascon. As the final contribution, we introduce PACT, a transform that converts any authenticated encryption mode into a context-committing one without any output length expansion. PACT achieves this with a single call to a collision-resistant unkeyed hash function and one call to a block cipher, with the analysis performed in the ideal cipher model. We also propose comPACT, a faster version of PACT which gives a nonce-respecting committing authenticated encryption scheme.