Expanding Pseudorandom Functions; or: From Known-Plaintext Security to Chosen-Plaintext Security

Authors

  • Ivan Damgård
  • Jesper Buus Nielsen
Abstract

We present a new encryption mode for block ciphers. The mode is efficient and is secure against chosen-plaintext attack (CPA) already if the underlying symmetric cipher is secure against known-plaintext attack (KPA). We prove that known (and widely used) encryption modes such as CBC mode and counter mode do not have this property. In particular, we prove that CBC mode using a KPA secure cipher is KPA secure, but need not be CPA secure, and we prove that counter mode using a KPA secure cipher need not be even KPA secure. The analysis is done in a concrete security framework.

Similar resources

A Fast and Key-Efficient Reduction of Chosen-Ciphertext to Known-Plaintext Security

Motivated by the quest for reducing assumptions in security proofs in cryptography, this paper is concerned with designing efficient symmetric encryption and authentication schemes based on any weak pseudorandom function (PRF) which can be much more efficiently implemented than PRFs. Damgård and Nielsen (CRYPTO ’02) have shown how to construct an efficient symmetric encryption scheme based on a...

Cryptanalysis of two chaotic encryption schemes based on circular bit shift and XOR operations

Recently two encryption schemes were proposed by combining circular bit shift and XOR operations, under the control of a pseudorandom bit sequence (PRBS) generated from a chaotic system. This paper studies the security of these two encryption schemes and reports the following findings: 1) there exist some security defects in both schemes; 2) the underlying chaotic PRBS can be reconstructed as a...

Breaking a novel image encryption scheme based on improved hyperchaotic sequences

Recently, a novel image encryption scheme based on improved hyperchaotic sequences was proposed. A pseudorandom number sequence, generated by a hyper-chaos system, is used to determine two involved encryption functions, bitwise exclusive or (XOR) operation and modulo addition. It was reported that the scheme can be broken with some pairs of chosen plain-images and the corresponding cipher-image...

Luby-Rackoff Ciphers from Weak Round Functions?

The Feistel-network is a popular structure underlying many block-ciphers where the cipher is constructed from many simpler rounds, each defined by some function which is derived from the secret key. Luby and Rackoff showed that the three-round Feistel-network – each round instantiated with a pseudorandom function secure against adaptive chosen plaintext attacks (CPA) – is a CPA secure pseudoran...

The Security of Many-Round Luby-Rackoff Pseudo-Random Permutations

Luby and Rackoff showed how to construct a (super-)pseudorandom permutation $\{0,1\}^{2n} \to \{0,1\}^{2n}$ from some number $r$ of pseudorandom functions $\{0,1\}^{n} \to \{0,1\}^{n}$. Their construction, motivated by DES, consists of a cascade of $r$ Feistel permutations. A Feistel permutation for a pseudo-random function $f$ is defined as $(L, R) \to (R, L \oplus f(R))$, where $L$ and $R$ are the left and right part of the input and...

Publication date: 2002