The QARMAv2 Family of Tweakable Block Ciphers

Roberto Avanzi, Subhadeep Banik, Orr Dunkelman, Maria Eichlseder, Shibam Ghosh, Marcel Nageler, Francesco Regazzoni

Research output: Contribution to journalArticlepeer-review


We introduce the QARMAv2 family of tweakable block ciphers. It is a redesign of QARMA (from FSE 2017) to improve its security bounds and allow for longer tweaks, while keeping similar latency and area. The wider tweak input caters to both specific use cases and the design of modes of operation with higher security bounds. This is achieved through new key and tweak schedules, revised S-Box and linear layer choices, and a more comprehensive security analysis. QARMAv2 offers competitive latency and area in fully unrolled hardware implementations. Some of our results may be of independent interest. These include: new MILP models of certain classes of diffusion matrices; the comparative analysis of a full reflection cipher against an iterative half-cipher; our boomerang attack framework; and an improved approach to doubling the width of a block cipher.

Original languageEnglish
Pages (from-to)25-73
Number of pages49
JournalIACR Transactions on Symmetric Cryptology
Issue number3
StatePublished - 19 Sep 2023

Bibliographical note

Funding Information:
We express our gratitude to: Arm Limited, for generously funding this research and sponsoring cloud computing time and hardware; Gary Gorman for providing the implementation data on the TSMC 5nm process; Andreas Sandberg for many interesting conversations on cryptographic memory protection; Tim Beyne for a very useful discussion on nonlinear invariants of round functions; for assistance with PEIGEN; for painstakingly double checking our test vectors; and Gurobi Optimization, LLC, for generously providing research licenses of their MILP Solver. Last, but not least, we want to thank the reviewers and the shepherd for outstandingly fulfilling their duties.

Publisher Copyright:
© 2023, Ruhr-University of Bochum. All rights reserved.


  • Lightweight Cryptography
  • Memory Encryption
  • Memory Integrity
  • Message Authentication Codes
  • Reflection Ciphers
  • Tweakable Block Ciphers

ASJC Scopus subject areas

  • Software
  • Computer Science Applications
  • Computational Mathematics
  • Applied Mathematics


Dive into the research topics of 'The QARMAv2 Family of Tweakable Block Ciphers'. Together they form a unique fingerprint.

Cite this