Open Access Journal Article

Luby-Rackoff ciphers: Why XOR is not so exclusive

TLDR
A four-round Luby-Rackoff cipher is constructed, operating over finite groups of characteristic greater than 2, that is not only completely secure against adaptive chosen plaintext and ciphertext attacks, but has better time/space complexity and uses fewer random bits than all previously considered Luby-Rackoff ciphers of equivalent security in the literature.
Abstract
This work initiates a study of Luby-Rackoff ciphers when the bitwise exclusive-or (XOR) operation in the underlying Feistel network is replaced by a binary operation in an arbitrary finite group. We obtain various interesting results in this context:
- First, we analyze the security of three-round Feistel ladders over arbitrary groups. We examine various Luby-Rackoff ciphers known to be insecure when XOR is used. In some cases we can break these ciphers over arbitrary Abelian groups; in other cases, however, the security remains an open problem.
- Next, we construct a four-round Luby-Rackoff cipher, operating over finite groups of characteristic greater than 2, that is not only completely secure against adaptive chosen plaintext and ciphertext attacks, but has better time/space complexity and uses fewer random bits than all previously considered Luby-Rackoff ciphers of equivalent security in the literature. Surprisingly, when the group is of characteristic 2 (i.e., the underlying operation on strings is bitwise exclusive-or), the cipher can be completely broken in a constant number of queries.
Notably, for the former set of results dealing with three rounds (where we report no difference) we need new techniques. For the latter set of results dealing with four rounds (where we prove a new theorem) we rely on a generalization of known techniques, albeit one that requires a new type of hash function family, called a monosymmetric hash function family, which we introduce in this work. We also discuss the existence (and construction) of this function family over various groups, and argue the necessity of this family in our construction. Moreover, these functions can be very easily and efficiently implemented on most current microprocessors, thereby rendering the four-round construction very practical.
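The abstract's first set of results concerns three-round Feistel ladders whose XOR is replaced by a group operation. As an added illustration (not the paper's code, and not its four-round monosymmetric-hash construction), the following Python builds a plain Feistel ladder over an abelian group passed in as a parameter, instantiates it with XOR and with addition modulo 2^64, and runs the classic two-encryption/one-decryption test against three rounds: the relation R'' = R * S' * S^{-1} (written in the group's operation) holds identically for both groups, and fails for a four-round ladder. The round functions are HMAC-SHA256 PRFs under constructed keys; the half-block width N = 64, the key strings and the seeded inputs are assumptions made for the demo.

```python
"""3-round Feistel ladder over an abelian group, plus the chosen-plaintext /
chosen-ciphertext relation that holds whether the combiner is XOR or addition
modulo 2^N.  Added example; not code from the paper."""
import hashlib
import hmac
import random

N = 64                      # half-block width in bits (assumed for the demo)
MASK = (1 << N) - 1


class XorGroup:
    """(Z_2)^N with bitwise XOR: characteristic 2, every element is self-inverse."""
    name = "xor"

    @staticmethod
    def op(a, b):
        return a ^ b

    @staticmethod
    def inv(a):
        return a


class AddGroup:
    """Z_{2^N} with addition modulo 2^N: the non-XOR abelian group of the demo."""
    name = "add"

    @staticmethod
    def op(a, b):
        return (a + b) & MASK

    @staticmethod
    def inv(a):
        return (-a) & MASK


def round_function(key: bytes):
    """PRF {0,1}^N -> {0,1}^N from HMAC-SHA256; stands in for the random
    functions of the Luby-Rackoff model (key is a constructed constant)."""
    def f(x: int) -> int:
        mac = hmac.new(key, x.to_bytes(N // 8, "big"), hashlib.sha256).digest()
        return int.from_bytes(mac[: N // 8], "big")
    return f


def feistel_encrypt(G, fs, L, R):
    """Feistel ladder with the group operation in place of XOR:
    (L, R) -> (R, L * f_i(R)) for each round function f_i."""
    for f in fs:
        L, R = R, G.op(L, f(R))
    return L, R


def feistel_decrypt(G, fs, L, R):
    """Inverse ladder: undo the rounds in reverse order using the group inverse."""
    for f in reversed(fs):
        L, R = G.op(R, G.inv(f(L))), L
    return L, R


def cca_relation_holds(G, fs, L, L2, R):
    """Three-query test (two encryptions, one decryption) from the classic attack
    on 3-round Luby-Rackoff, written over an abelian group:
      (S, T)   = E(L, R),  (S', T') = E(L', R),  delta = L' * L^{-1}
      (_, R'') = D(S', T' * delta^{-1})
    For a 3-round ladder over any abelian group R'' == R * S' * S^{-1} always;
    for a random permutation it holds with probability about 2^-N."""
    S, T = feistel_encrypt(G, fs, L, R)
    S2, T2 = feistel_encrypt(G, fs, L2, R)
    delta = G.op(L2, G.inv(L))
    _, R2 = feistel_decrypt(G, fs, S2, G.op(T2, G.inv(delta)))
    return R2 == G.op(G.op(R, S2), G.inv(S))


def make_rounds(rounds: int):
    """Round functions under constructed per-round keys."""
    return [round_function(b"demo-round-key-%d" % i) for i in range(rounds)]


def run_demo(rounds: int, G, seed: int = 1) -> bool:
    """Run the relation test on seeded random inputs; True means it held."""
    rng = random.Random(seed)
    L, L2, R = (rng.getrandbits(N) for _ in range(3))
    if L == L2:             # the attack needs two distinct left halves
        L2 ^= 1
    return cca_relation_holds(G, make_rounds(rounds), L, L2, R)


def roundtrip_ok(G, rounds: int = 4, seed: int = 2) -> bool:
    """Sanity check that the decrypt ladder inverts the encrypt ladder."""
    rng = random.Random(seed)
    L, R = rng.getrandbits(N), rng.getrandbits(N)
    fs = make_rounds(rounds)
    return feistel_decrypt(G, fs, *feistel_encrypt(G, fs, L, R)) == (L, R)


if __name__ == "__main__":
    for G in (XorGroup, AddGroup):
        print(G.name, "3 rounds:", run_demo(3, G), " 4 rounds:", run_demo(4, G))
```

The test is the strong-PRP distinguisher for three rounds: it needs a decryption query, and the algebra that makes it work (cancelling delta and f3, then rewriting f2(R1) as S * R^{-1}) uses only associativity, inverses and commutativity, which is why swapping XOR for modular addition changes nothing at three rounds.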



Citations
Book

The Block Cipher Companion

TL;DR: This book provides a technically detailed, yet readable, account of the state of the art of block cipher analysis, design, and deployment and provides an overview of some of the most important cryptanalytic methods.
Book Chapter

Efficient constructions of variable-input-length block ciphers

TL;DR: This paper contains two constructions that start with a fixed-input-length block cipher and show how to securely convert it to a variable-input-length block cipher without making any additional cryptographic assumptions.
Journal Article

On the group generated by the round functions of translation based ciphers over arbitrary finite fields

TL;DR: In this paper, a translation-based cipher over an arbitrary finite field was defined and the permutation group generated by the round functions of such a cipher was studied, and it was shown that under certain cryptographic assumptions this group is primitive.

Horst Meets Fluid-SPN: Griffin for Zero-Knowledge Applications

TL;DR: The Horst mode of operation is proposed, in which the addition in a Feistel scheme (x, y) ↦ (y + F(x), x) is replaced by a multiplication, i.e., (x, y) ↦ (y · F(x), x), and it is shown how to combine an expanding Horst scheme with the strong points of existing schemes in order to provide security and better efficiency in the target applications.
Journal Article

Algebraic properties of generalized rijndael-like ciphers

TL;DR: Conditions under which the group generated by the Rijndael-like round functions based on operations of the finite field GF(p^k) is equal to the symmetric group or the alternating group on the state space are provided.