A Domain Extender for the Ideal Cipher
نویسندگان
چکیده
We describe the first domain extender for ideal ciphers, i.e. we show a construction that is indifferentiable from a 2n-bit ideal cipher, given a n-bit ideal cipher. Our construction is based on a 3round Feistel, and is more efficient than first building a n-bit random oracle from a n-bit ideal cipher (as in [6]) and then a 2n-bit ideal cipher from a n-bit random oracle (as in [7], using a 6-round Feistel). We also show that 2 rounds are not enough for indifferentiability by exhibiting a simple attack. We also consider our construction in the standard model: we show that 2 rounds are enough to get a 2n-bit tweakable blockcipher from a n-bit tweakable block-cipher and we show that with 3 rounds we can get beyond the birthday security bound. Key-words: ideal cipher model, indifferentiability, tweakable block-cipher.
منابع مشابه
CPA on COLM Authenticated Cipher and the Protection Using Domain-Oriented Masking
Authenticated encryption schemes are important cryptographic primitives that received extensive attention recently. They can provide both confidentiality and authenticity services, simultaneously. Correlation power analysis (CPA) can be a thread for authenticated ciphers, similar to the any physical implementation of any other cryptographic scheme. In this paper, a three-step CPA attack against...
متن کاملA New Mode of Operation for Block Ciphers and Length-Preserving MACs
We propose a new mode of operation, enciphered CBC, for domain extension of length-preserving functions (like block ciphers), which is a variation on the popular CBC mode of operation. Our new mode is twice slower than CBC, but has many (property-preserving) properties not enjoyed by CBC and other known modes. Most notably, it yields the first constant-rate Variable Input Length (VIL) MAC from ...
متن کاملA Generic Method to Extend Message Space of a Strong Pseudorandom Permutation Método Genérico para Extender el Espacio del Mensaje de una Permutación Pseudo-aleatoria Fuerte
Let E be a strong pseudorandom permutation (or SPRP) secure enciphering scheme (i.e., a length-preserving encryption scheme) which can only encrypt messages of size multiple of n, the block size of the underlying block cipher. There are several such constructions, e.g., CBC mode or cipher block chaining mode. In this paper we present how a secure enciphering scheme E can be obtained which can e...
متن کاملNew Fixed Point Attacks on GOST2 Block Cipher
GOST block cipher designed in the 1970s and published in 1989 as the Soviet and Russian standard GOST 28147-89. In order to enhance the security of GOST block cipher after proposing various attacks on it, designers published a modified version of GOST, namely GOST2, in 2015 which has a new key schedule and explicit choice for S-boxes. In this paper, by using three exactly identical portions of ...
متن کاملRevisiting Dedicated and Block Cipher based Hash Functions
A hash function maps a variable length input into a fixed length output. The hash functions that are used in the information security related applications are referred as cryptographic hash functions. Hash functions are being used as building blocks of many complex cryptographic mechanisms and protocols. Construction of a hash function consists of two components. First component is a compressio...
متن کامل