Luby-Rackoff backwards: Increasing security by making block ciphers non-invertible

Luby-Rackoff backwards: Increasing security by making block ciphers non-invertible (1998)

Cached

Download Links

by Mihir Bellare , Ted Krovetz , Phillip Rogaway

Venue:	ADVANCES IN CRYPTOLOGY\|EUROCRYPT '98 PROCEEDINGS
Citations:	20 - 2 self

BibTeX

@INPROCEEDINGS{Bellare98luby-rackoffbackwards:,
    author = {Mihir Bellare and Ted Krovetz and Phillip Rogaway},
    title = {Luby-Rackoff backwards: Increasing security by making block ciphers non-invertible},
    booktitle = {ADVANCES IN CRYPTOLOGY|EUROCRYPT '98 PROCEEDINGS},
    year = {1998},
    pages = {140--3},
    publisher = {Springer-Verlag}
}

Years of Citing Articles

Bookmark

OpenURL

Abstract

We argue that the invertibility of a block cipher can reduce the security of schemes that use it, and a better starting point for scheme design is the non-invertible analog of a block cipher, that is, a pseudorandom function (PRF). Since a block cipher may be viewed as a pseudorandom permutation, we are led to investigate the reverse of the problem studied by Luby and Rackoff, and ask: "how can one transform a PRP into a PRF in as security-preserving a way as possible?" The solution we propose is data-dependent re-keying. As an illustrative special case, let E:f0; 1g nf0;1g n!f0;1g n be the block cipher. Then we can construct the PRF F from the PRP E by setting F (k; x) =E(E(k; x);x). We generalize this to allow for arbitrary block and key lengths, and to improve e ciency. We prove strong quantitative bounds on the value of data-dependent re-keying in the Shannon model of an ideal cipher, and take some initial steps towards an analysis in the standard model.

Citations

1001	Probabilistic encryption - Goldwasser, Micali - 1984
596	Communication Theory of Secrecy Systems - Shannon - 1949
544	How to construct random functions - Goldreich, Goldwasser, et al. - 1986
296	A Concrete Security Treatment of Symmetric Encryption - Bellare, Desai, et al. - 1997
284	New Hash Functions and their Use in Authentication and Set Equality - Wegman, Carter - 1981
244	How to construct pseudorandom permutations from pseudorandom functions - Luby, Rackoff - 1988
137	The security of cipher block chaining - Bellare, Kilian, et al. - 1994
112	The First Experimental Cryptanalysis of the Data Encryption Standard - Matsui - 1994
109	XOR MACs: New methods for message authentication using finite pseudorandom functions - Bellare, Guérin, et al. - 1995
82	On the construction of pseudo-random permutations: Luby-Rackoff revisited - Naor, Reingold - 1999
79	Pseudorandom Functions Revisited: The Cascade Construction and its Concrete Security - Bellare, Canetti, et al. - 1996
73	How to protect DES against exhaustive key search (an analysis of DESX - Kilian, Rogaway - 2001
61	On Fast and Provably Secure Message Authentication Based on Universal Hashing - Shoup - 1996
37	Y.: A Construction of a Cipher From a Single Pseudorandom Permutation. In: Imai et al - Even, Mansour
26	A simplified and generalized treatment of Luby-Rackoff pseudorandom permutation generators - Maurer - 1992
18	private communication - Kahn
13	How to Construct Pseudorandom Permutations from a Single Pseudorandom Functions - Pieprzyk
11	Improved security bounds for pseudorandom permutations - Patarin - 1997
10	About Feistel Schemes with Six (or More) Rounds - Patarin - 1998
9	Impossibility and optimality results on constructing pseudorandom permutations - Zheng, Matsumoto, et al.
3	Foiling birthday attacks in output-doubling transformations - Aiello, Vanketesan
2	A simpli ed and generalized treatment of Luby-Racko pseudorandom permutation generators - Maurer - 1992
1	Pseudorandomness and Crpyptographic Applications - Luby - 1996