Kravatte is a deck function, on top of which we define simple modes:

  • Kravatte-SANE, an authenticated encryption scheme supporting sessions, like Ketje and Keyak;
  • Kravatte-SANSE, an authenticated encryption scheme supporting sessions and using the synthetic initial value (SIV) technique, robust under nonce repetitions;
  • Kravatte-WBC, a wide-block cipher for authenticated encryption with minimal expansion.

Kravatte builds upon the Keccak-p permutations and the novel Farfalle construction, which can somehow be seen as the parallel counterpart of the sponge construction. It thus provides inherent parallelism that can be readily exploited on platforms supporting SIMD instruction sets or multiple cores.

Technical details

SynopsisThe Kravatte deck function
Designed byGuido Bertoni, Joan Daemen, Seth Hoffert, Michaël Peeters, Gilles Van Assche and Ronny Van Keer
ImplementsA deck function
ConstructionThe Farfalle construction
PrimitiveThe Keccak-p[1600, 6] permutation and specific rolling functions
Parameterized byNo parameter
InstancesJust Kravatte.
StatusRelies on strong components, but otherwise only recently published.