Pseudorandomness Analysis of the Lai-Massey Scheme
Authors
Abstract
At Asiacrypt’99, Vaudenay modified the structure in the IDEA cipher into a new scheme, called the Lai-Massey scheme. It was proved that the 3-round Lai-Massey scheme is sufficient for pseudorandomness and the 4-round Lai-Massey scheme is sufficient for strong pseudorandomness. But the author didn’t point out whether three rounds and four rounds are necessary for the pseudorandomness and strong pseudorandomness of the Lai-Massey scheme. In this paper we find a two-round pseudorandomness distinguisher and a three-round strong pseudorandomness distinguisher, thus proving that three rounds are necessary for pseudorandomness and four rounds are necessary for strong pseudorandomness.
Similar resources
The Pseudorandomness of Many-Round Lai-Massey Scheme
In this paper we prove beyond-birthday-bound for the (strong) pseudorandomness of many-round Lai-Massey scheme. Motivated by Hoang and Rogaway’s analysis of generalized Feistel networks, we use the coupling technology from Markov chain theory and prove that for any > 0, with enough rounds, the Lai-Massey scheme is indistinguishable from a uniform random permutation by any computationally unbo...
Impossible Differential Cryptanalysis on Lai-Massey Scheme Rui
© 2014 ETRI Journal, Volume 36, Number 6, December 2014 http://dx.doi.org/10.4218/etrij.14.0113.1335 The Lai-Massey scheme, proposed by Vaudenay, is a modified structure in the International Data Encryption Algorithm cipher. A family of block ciphers, named FOX, were built on the Lai-Massey scheme. Impossible differential cryptanalysis is a powerful technique used to recover the secret key of b...
Lai-Massey Scheme and Quasi-Feistel Networks
We introduce the notion of quasi-Feistel network, which is a generalization of the Feistel network, and contains the Lai-Massey scheme as an instance. We show that some of the works on the Feistel network, including the works of Luby-Rackoff, Patarin, Naor-Reingold and Piret, can be naturally extended to our setting. This gives a new proof for theorems of Vaudenay on the security of the Lai-Masse...
On Lai-Massey and quasi-Feistel ciphers
We introduce a new notion called a quasi-Feistel cipher, which is a generalization of the Feistel cipher, and contains the Lai–Massey cipher as an instance. We show that most of the works on the Feistel cipher can be naturally extended to the quasi-Feistel cipher. From this, we give a new proof for Vaudenay’s theorems on the security of the Lai–Massey cipher, and also we introduce for Lai–Massey...
FOX Algorithm Implementation: a hardware design approach
Encryption algorithms are becoming more necessary to ensure data is securely transmitted over insecure communication channels. FOX is a recently developed algorithm and its structure is based on the already proven IDEA (International Data Encryption Algorithm) cipher. FOX is a symmetric (private key) block cipher. Its top-level structure uses the Lai-Massey scheme and the round functions used i...
Journal title:
- IACR Cryptology ePrint Archive
Volume 2009, Issue
Pages -
Publication date 2009