DOI: 10.1007/978-3-662-53018-4_4
Article

Indifferentiability of 8-Round Feistel Networks

Published: 14 August 2016

Abstract

We prove that a balanced 8-round Feistel network is indifferentiable from a random permutation, improving on previous 10-round results by Dachman-Soled et al. and Dai et al. Our simulator achieves security $O(q^{8}/2^{n})$, similarly to the security of Dai et al. For further comparison, Dachman-Soled et al. achieve security $O(q^{12}/2^{n})$, while the original 14-round simulator of Holenstein et al. achieves security $O(q^{10}/2^{n})$.

References

[1] Andreeva, E., Bogdanov, A., Dodis, Y., Mennink, B., Steinberger, J.P.: On the indifferentiability of key-alternating ciphers. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 531–550. Springer, Heidelberg (2013)
[2] Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: Proceedings of the 1st ACM Conference on Computer and Communications Security, pp. 62–73 (1993)
[3] Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: On the indifferentiability of the sponge construction. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 181–197. Springer, Heidelberg (2008)
[4] Canetti, R.: Security and composition of multi-party cryptographic protocols. J. Cryptol. 13(1), 143–202 (2000)
[5] Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: Proceedings of 42nd IEEE Symposium on Foundations of Computer Science (FOCS), pp. 136–145 (2001)
[6] Chen, S., Steinberger, J.: Tight security bounds for key-alternating ciphers. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 327–350. Springer, Heidelberg (2014)
[7] Coron, J.-S., Dodis, Y., Malinaud, C., Puniya, P.: Merkle-Damgård revisited: how to construct a hash function. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 430–448. Springer, Heidelberg (2005)
[8] Coron, J.-S., Dodis, Y., Mandal, A., Seurin, Y.: A domain extender for the ideal cipher. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 273–289. Springer, Heidelberg (2010)
[9] Coron, J.-S., Patarin, J., Seurin, Y.: The random oracle model and the ideal cipher model are equivalent. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 1–20. Springer, Heidelberg (2008)
[10] Dachman-Soled, D., Katz, J., Thiruvengadam, A.: 10-round Feistel is indifferentiable from an ideal cipher. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9666, pp. 649–678. Springer, Heidelberg (2016)
[11] Dai, Y., Steinberger, J.: Indifferentiability of 10-round Feistel networks. IACR ePrint Archive, Technical Report 2015/874 (2015)
[12] Dai, Y., Steinberger, J.: Indifferentiability of 8-round Feistel networks. IACR ePrint Archive, Technical Report 2015/1069 (2015)
[13] Dodis, Y., Puniya, P.: On the relation between the ideal cipher and the random oracle models. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 184–206. Springer, Heidelberg (2006)
[14] Dodis, Y., Liu, T., Stam, M., Steinberger, J.: On the indifferentiability of confusion-diffusion networks. IACR ePrint Archive, Technical Report 2015/680 (2015)
[15] Dodis, Y., Reyzin, L., Rivest, R.L., Shen, E.: Indifferentiability of permutation-based compression functions and tree-based modes of operation, with applications to MD6. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 104–121. Springer, Heidelberg (2009)
[16] Dodis, Y., Ristenpart, T., Steinberger, J., Tessaro, S.: To hash or not to hash again? InDifferentiability results for H$^2$ and HMAC. In: Canetti, R., Safavi-Naini, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 348–366. Springer, Heidelberg (2012)
[17] Feistel, H.: Cryptographic coding for data-bank privacy. IBM Technical report RC-2827, 18 March 1970
[18] Feistel, H., Notz, W.A., Lynn Smith, J.: Some cryptographic techniques for machine-to-machine data communications. IEEE Proc. 63(11), 1545–1554 (1975)
[19] Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)
[20] Holenstein, T., Künzler, R., Tessaro, S.: The equivalence of the random oracle model and the ideal cipher model, revisited. In: Fortnow, L., Vadhan, S.P. (eds.) Proceedings of the 43rd ACM Symposium on Theory of Computing, STOC 2011, San Jose, CA, USA, pp. 89–98. ACM, 6–8 June 2011
[21] Lampe, R., Seurin, Y.: How to construct an ideal cipher from a small set of public permutations. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part I. LNCS, vol. 8269, pp. 444–463. Springer, Heidelberg (2013)
[22] Luby, M., Rackoff, C.: How to construct pseudorandom permutations and pseudorandom functions. SIAM J. Comput. 17(2), 373–386 (1988)
[23] Maurer, U.M., Renner, R.S., Holenstein, C.: Indifferentiability, impossibility results on reductions, and applications to the random oracle methodology. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 21–39. Springer, Heidelberg (2004)
[24] Naor, M., Reingold, O.: On the construction of pseudorandom permutations: Luby-Rackoff revisited. J. Cryptol. 12(1), 29–66 (1999). Preliminary Version: STOC 1997
[25] Patarin, J.: Security of balanced and unbalanced Feistel schemes with linear non equalities. IACR ePrint Arxiv, Technical Report 2010/293 (2010)
[26] Pfitzmann, B., Waidner, M.: Composition and integrity preservation of secure reactive systems. In: 7th ACM Conference on Computer and Communications Security, pp. 245–254. ACM Press (2000)
[27] Pfitzmann, B., Waidner, M.: A model for asynchronous reactive systems and its application to secure message transmission. Technical report 93350, IBM Research Division, Zürich (2000)
[28] Pointcheval, D., Stern, J.: Security proofs for signature schemes. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 387–398. Springer, Heidelberg (1996)
[29] Ristenpart, T., Shacham, H., Shrimpton, T.: Careful with composition: limitations of the indifferentiability framework. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 487–506. Springer, Heidelberg (2011)
[30] Hoang, V.T., Rogaway, P.: On generalized Feistel networks. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 613–630. Springer, Heidelberg (2010)
[31] Seurin, Y.: Primitives et protocoles cryptographiques à sécurité prouvée. Ph.D. thesis, Université de Versailles Saint-Quentin-en-Yvelines, France (2009)
[32] Seurin, Y.: A note on the indifferentiability of the 10-round Feistel construction. http://yannickseurin.free.fr/pubs/Seurin_note_ten_rounds.pdf
[33] Winternitz, R.: A secure one-way hash function built from DES. In: Proceedings of the IEEE Symposium on Information Security and Privacy, pp. 88–90. IEEE Press (1984)

Published In

Guide Proceedings
Proceedings, Part I, of the 36th Annual International Cryptology Conference on Advances in Cryptology – CRYPTO 2016 - Volume 9814
August 2016
661 pages
ISBN: 9783662530177

Publisher

Springer-Verlag

Berlin, Heidelberg

Author Tags

  1. Block ciphers
  2. Feistel network

Qualifiers

  • Article
