Results 1 
2 of
2
Generic Attacks on Unbalanced Feistel Schemes with Expanding Functions
 ASIACRYPT'07
, 2007
"... Unbalanced Feistel schemes with expanding functions are used to construct pseudorandom permutations from kn bits to kn bits by using random functions from n bits to (k − 1)n bits. At each round, all the bits except n bits are changed by using a function that depends only on these n bits. C.S.Jutla ..."
Abstract

Cited by 2 (0 self)
 Add to MetaCart
Unbalanced Feistel schemes with expanding functions are used to construct pseudorandom permutations from kn bits to kn bits by using random functions from n bits to (k − 1)n bits. At each round, all the bits except n bits are changed by using a function that depends only on these n bits. C.S.Jutla [6] investigated such schemes, which he denotes by F^d_k, where d is the number of rounds. In this paper, we describe novel Known Plaintext Attacks (KPA) and Non Adaptive Chosen Plaintext Attacks (CPA1) against these schemes. With these attacks we will often be able to improve the result of C.S.Jutla. We also give precise formulas for the complexity of our attacks in d, k and n. Key words: Unbalanced Feistel permutations, pseudorandom permutations, generic attacks on encryption schemes, Block ciphers.
Building Secure Block Ciphers on Generic Attacks Assumptions
"... Abstract. Up to now, the design of block ciphers has been mainly driven by heuristic arguments, and little theory is known to constitute a good guideline for the development of their architecture. Trying to remedy this situation, we introduce a new type of design for symmetric cryptographic primitiv ..."
Abstract
 Add to MetaCart
Abstract. Up to now, the design of block ciphers has been mainly driven by heuristic arguments, and little theory is known to constitute a good guideline for the development of their architecture. Trying to remedy this situation, we introduce a new type of design for symmetric cryptographic primitives with high selfsimilarity. Our design strategy enables to give a reductionist security proof for the primitive based on plausible assumptions regarding the complexity of the best distinguishing attacks on random Feistel schemes or other ideal constructions. Under these assumptions, the cryptographic primitives we obtain are perfectly secure against any adversary with computational resources less than a given bound. By opposition, other provably secure symmetric primitives, as for example C [3] and KFC [4], designed using informationtheoretic results, are only proved to resist a limited (though significant) range of attacks. Our construction strategy leads to a large expanded key size, though still usable in practice (around 1 MB). Key words: block ciphers, Feistel schemes, generic attacks, provable security 1