Feistel Networks: Indifferentiability at 10 Rounds
نویسندگان
چکیده
We prove that a (balanced) 10-round Feistel network is indifferentiable from a random permutation. In a previous seminal result, Holenstein et al. [17] had established indifferentiability of Feistel at 14 rounds. Our simulator achieves security O(q/2) and query complexity O(q), where n is half the block length, similarly to the 14-round simulator of [17], so that our result is a strict (and also the first) improvement of [17]. Our simulator is very similar to a 10-round simulator of Seurin [29] that was subsequently found to be flawed [17,30]. Indeed, the main change of our simulator is to switch to “FIFO” path completion from “LIFO” path completion. This relatively minor change results in an overall significant paradigm shift, including a conceptually simpler proof.
منابع مشابه
On the Public Indifferentiability and Correlation Intractability of the 6-Round Feistel Construction
We show that the Feistel construction with six rounds and random round functions is publicly indifferentiable from a random invertible permutation (a result that is not known to hold for full indifferentiability). Public indifferentiability (pub-indifferentiability for short) is a variant of indifferentiability introduced by Yoneyama et al. [29] and Dodis et al. [12] where the simulator knows a...
متن کاملFeistel Networks: Indifferentiability at 8 Rounds
We prove that a balanced 8-round Feistel network is indifferentiable from a random permutation. This result comes on the heels of (and is part of the same body of work as) a 10-round indifferentiability result for Feistel network recently announced by the same team of authors [10]. The current 8-round simulator achieves similar security, query complexity and runtime as the 10-round simulator an...
متن کاملIndifferentiability of 10-Round Feistel Networks
We prove that a (balanced) 10-round Feistel network is indifferentiable from a random permutation. In a previous seminal result, Holenstein et al. [17] had established indifferentiability of Feistel at 14 rounds. Our simulator achieves security O(q/2), runtime O(q) and query complexity O(q), to be compared with security O(q/2), runtime O(q) and query complexity O(q) for the 14-round simulator o...
متن کاملEquivalence of the Random Oracle Model and the Ideal Cipher Model, Revisited
We consider the cryptographic problem of constructing an invertible random permutation from a public random function (i.e., which can be accessed by the adversary). This goal is formalized by the notion of indifferentiability of Maurer et al. (TCC 2004). This is the natural extension to the public setting of the well-studied problem of building random permutations from random functions, which w...
متن کاملA Note on the Indifferentiability of the 10-Round Feistel Construction
Holenstein et al. (STOC 2011) have shown that the Feistel construction with fourteen rounds and public random round functions is indifferentiable from a random permutation. In the same paper, they pointed out that a previous proof for the 10-round Feistel construction by Seurin (PhD thesis) was flawed. However, they left open the question of whether the proof could be patched (leaving hope that...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2015 شماره
صفحات -
تاریخ انتشار 2015