The Sum of PRPs Is a Secure PRF

نویسنده

  • Stefan Lucks
چکیده

Given d independent pseudorandom permutations (PRPs) πi, . . . , πd over {0, 1} , it appears natural to define a pseudorandom function (PRF) by adding (or XORing) the permutation results: sum(x) = π1(x)⊕· · ·⊕πd(x). This paper investigates the security of sum d and also considers a variant that only uses one single PRP over {0, 1}.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Pseudorandom Functions and Permutations Provably Secure against Related-Key Attacks

This paper fills an important foundational gap with the first proofs, under standard assumptions and in the standard model, of the existence of PRFs and PRPs resisting rich and relevant forms of relatedkey attack (RKA). An RKA allows the adversary to query the function not only under the target key but under other keys derived from it in adversary-specified ways. Based on the Naor-Reingold PRF ...

متن کامل

One-key Double-Sum MAC with Beyond-Birthday Security

MACs (Message Authentication Codes) are widely adopted in communication systems to ensure data integrity and data origin authentication, e.g. CBC-MACs in the ISO standard 9797-1. However, all the current designs either suffer from birthday attacks or require long key sizes. In this paper, we focus on designing beyond-birthday-bound MAC modes with a single key, and investigate their design princ...

متن کامل

پروتکل کارا برای جمع چندسویه امن با قابلیت تکرار

In secure multiparty computation (SMC), a group of users jointly and securely computes a mathematical function on their private inputs, such that the privacy of their private inputs will be preserved. One of the widely used applications of SMC is the secure multiparty summation which securely computes the summation value of the users’ private inputs. In this paper, we consider a secure multipar...

متن کامل

A Note on Quantum-Secure PRPs

We show how to construct pseudorandom permutations (PRPs) that remain secure even if the adversary can query the permutation on a quantum superposition of inputs. Such PRPs are called quantum-secure. Our construction combines a quantum-secure pseudorandom function together with constructions of classical format preserving encryption. By combining known results, we obtain the first quantum-secur...

متن کامل

Concrete Security Characterizations of PRFs and PRPs: Reductions and Applications

We investigate several alternate characterizations of pseudorandom functions (PRFs) and pseudorandom permutations (PRPs) in a concrete security setting. By analyzing the concrete complexity of the reductions between the standard notions and the alternate ones, we show that the latter, while equivalent under polynomial-time reductions, are weaker in the concrete security sense. With these altern...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2000