Ciphers Secure against Related-Key Attacks
نویسنده
چکیده
In a related-key attack, the adversary is allowed to transform the secret key and request encryptions of plaintexts under the transformed key. This paper studies the security of PRFand PRP-constructions against related-key attacks. For adversaries who can only transform a part of the key, we propose a construction and prove its security, assuming a conventionally secure block cipher is given. By the terms of concrete security, this is an improvement over a recent result by Bellare and Kohno [2]. Further, based on some technical observations, we present two novel constructions for related-key secure PRFs, and we prove their security under number-theoretical infeasibility assumptions.
منابع مشابه
The Security of Elastic Block Ciphers Against Key-Recovery Attacks
We analyze the security of elastic block ciphers against key-recovery attacks. An elastic version of a fixed-length block cipher is a variable-length block cipher that supports any block size in the range of one to two times the length of the original block. Our method for creating an elastic block cipher involves inserting the round function of the original cipher into a substitution-permutati...
متن کاملNecessary conditions for designing secure stream ciphers with the minimal internal states
After the introduction of some stream ciphers with the minimal internal state, the design idea of these ciphers (i.e. the design of stream ciphers by using a secret key, not only in the initialization but also permanently in the keystream generation) has been developed. The idea lets to design lighter stream ciphers that they are suitable for devices with limited resources such as RFID, WSN. We...
متن کاملA General Analysis of the Security of Elastic Block Ciphers
We analyze the security of elastic block ciphers in general to show that an attack on an elastic version of block cipher implies a polynomial time related attack on the fixed-length version of the block cipher. We relate the security of the elastic version of a block cipher to the fixed-length version by forming a reduction between the versions. Our method is independent of the specific block c...
متن کاملNotions and relations for RKA-secure permutation and function families
The theory of designing block ciphers is mature, having seen significant progress since the early 1990s for over two decades, especially during the AES development effort. Nevertheless, interesting directions exist, in particular in the study of the provable security of block ciphers along similar veins as public-key primitives, i.e. the notion of pseudorandomness (PRP) and indistinguishability...
متن کاملSecurity of Even-Mansour Ciphers under Key-Dependent Messages
The iterated Even–Mansour (EM) ciphers form the basis of many blockcipher designs. Several results have established their security in the CPA/CCA models, under related-key attacks, and in the indifferentiability framework. In this work, we study the Even–Mansour ciphers under key-dependent message (KDM) attacks. KDM security is particularly relevant for blockciphers since non-expanding mechanis...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2004