How to Construct an Ideal Cipher from a Small Set of Public Permutations
نویسندگان
چکیده
We show how to construct an ideal cipher with n-bit blocks and n-bit keys (i.e. a set of 2 public n-bit permutations) from a small constant number of n-bit random public permutations. The construction that we consider is the single-key iterated Even-Mansour cipher, which encrypts a plaintext x ∈ {0, 1} under a key k ∈ {0, 1} by alternatively xoring the key k and applying independent random public n-bit permutations P1, . . . , Pr (this construction is also named a keyalternating cipher). We analyze this construction in the plain indifferentiability framework of Maurer, Renner, and Holenstein (TCC 2004), and show that twelve rounds are sufficient to achieve indifferentiability from an ideal cipher. We also show that four rounds are necessary by exhibiting attacks for three rounds or less.
منابع مشابه
On the Indifferentiability of Key-Alternating Ciphers
The Advanced Encryption Standard (AES) is the most widely used block cipher. The high level structure of AES can be viewed as a (10-round) key-alternating cipher, where a t-round key-alternating cipher KAt consists of a small number t of fixed permutations Pi on n bits, separated by key addition: KAt(K,m) = kt ⊕ Pt(. . . k2 ⊕ P2(k1 ⊕ P1(k0 ⊕m)) . . . ), where (k0, . . . , kt) are obtained from ...
متن کاملA Stream Cipher Based on Chaotic Permutations
In this paper we introduce a word-based stream cipher consisting of a chaotic part operating as a chaotic permutation and a linear part, both of which designed on a finite field. We will show that this system can operate in both synchronized and self-synchronized modes. More specifically, we show that in the self-synchronized mode the stream cipher has a receiver operating as an unknown input o...
متن کاملIndifferentiability beyond the Birthday Bound for the Xor of Two Public Random Permutations
Xoring two permutations is a very simple way to construct pseudorandom functions from pseudorandom permutations. The aim of this paper is to get precise security results for this construction when the two permutations on n bits f and g are public. We will first prove that f ⊕ g is indifferentiable from a random function on n bits when the attacker is limited with q queries, with q ≪ √ 2. This b...
متن کاملImproving the Round Complexity of Ideal-Cipher Constructions
Title of dissertation: IMPROVING THE ROUND COMPLEXITY OF IDEAL-CIPHER CONSTRUCTIONS Aishwarya Thiruvengadam, Doctor of Philosophy, 2017 Dissertation directed by: Professor Jonathan Katz Department of Computer Science Block ciphers are an essential ingredient of modern cryptography. They are widely used as building blocks in many cryptographic constructions such as encryption schemes, hash funct...
متن کاملOn the Indifferentiability of Key-Alternating Feistel Ciphers with No Key Derivation
Feistel constructions have been shown to be indifferentiable from random permutations at STOC 2011. Whereas how to properly mix the keys into an un-keyed Feistel construction without appealing to domain separation technique to obtain a block cipher which is provably secure against known-key and chosen-key attacks (or to obtain an ideal cipher) remains an open problem. We study this, particularl...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2013 شماره
صفحات -
تاریخ انتشار 2013