Abstract
We argue that the invertibility of a block cipher can reduce the security of schemes that use it, and that a better starting point for scheme design is the non-invertible analog of a block cipher, that is, a pseudorandom function (PRF). Since a block cipher may be viewed as a pseudorandom permutation (PRP), we are led to investigate the reverse of the problem studied by Luby and Rackoff, and ask: "how can one transform a PRP into a PRF in as security-preserving a way as possible?" The solution we propose is data-dependent re-keying. As an illustrative special case, let E: {0,1}^n × {0,1}^n → {0,1}^n be the block cipher. Then we can construct the PRF F from the PRP E by setting F(k, x) = E(E(k, x), x). We generalize this to allow for arbitrary block and key lengths, and to improve efficiency. We prove strong quantitative bounds on the value of data-dependent re-keying in the Shannon model of an ideal cipher, and take some initial steps towards an analysis in the standard model.
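The construction F(k, x) = E(E(k, x), x) in the abstract, as an added worked example; this is not code from the paper. Because the paper gives no implementation, E is a constructed toy block cipher (a 4-round Feistel network on 16-bit blocks with 16-bit keys, SHA-256 as the round function) chosen only so that key length equals block length as in the abstract's special case and so that birthday effects are visible with a few thousand queries. The function names E, E_inverse, F and count_output_collisions are this example's own. The collision counter is the classic PRP-versus-PRF distinguisher: a permutation never repeats an output on distinct inputs, while a random function on n-bit outputs does so about q^2/2^(n+1) times after q queries, which is exactly the degradation that motivates starting from a non-invertible primitive.

```python
"""Data-dependent re-keying, F(k, x) = E(E(k, x), x), as a PRF built from a PRP.

Added illustration, not the paper's code. E below is a constructed toy cipher:
a 4-round Feistel network on 16-bit blocks with 16-bit keys (key length equals
block length, the abstract's special case) with SHA-256 as the round function.
It is a stand-in permutation only; a 16-bit block is far too small for real use.
"""
import hashlib

N_BITS = 16            # block length == key length (the abstract's special case)
HALF = N_BITS // 2     # width of each Feistel half-block (8 bits)
ROUNDS = 4
MASK = (1 << HALF) - 1


def _round_function(key: int, rnd: int, half: int) -> int:
    # Keyed Feistel round function: SHA-256 over (round index, key, half-block),
    # truncated to HALF bits. Any keyed function would do for a toy Feistel.
    data = bytes([rnd]) + key.to_bytes(2, "big") + bytes([half])
    return hashlib.sha256(data).digest()[0] & MASK


def E(key: int, x: int) -> int:
    """Toy PRP: encrypt the 16-bit block x under the 16-bit key."""
    left, right = x >> HALF, x & MASK
    for rnd in range(ROUNDS):
        left, right = right, left ^ _round_function(key, rnd, right)
    return (left << HALF) | right


def E_inverse(key: int, y: int) -> int:
    """Decrypt by running the Feistel rounds backwards: E is invertible."""
    left, right = y >> HALF, y & MASK
    for rnd in reversed(range(ROUNDS)):
        left, right = right ^ _round_function(key, rnd, left), left
    return (left << HALF) | right


def F(key: int, x: int) -> int:
    """Data-dependent re-keying: F(k, x) = E(E(k, x), x).

    The ciphertext E(k, x) becomes the key for a second encryption of the same
    x. F is no longer a permutation of x, so it has no inverse to exploit and
    can repeat outputs the way a random function does.
    """
    return E(E(key, x), x)


def count_output_collisions(func, key: int, queries: int) -> int:
    """Query func(key, x) for x = 0 .. queries-1 and count colliding output pairs.

    A permutation gives 0 here.  A random function on 16-bit outputs gives
    roughly queries**2 / 2**17 colliding pairs, so for 3000 queries about 68.
    """
    seen = {}
    for x in range(queries):
        y = func(key, x)
        seen[y] = seen.get(y, 0) + 1
    return sum(c * (c - 1) // 2 for c in seen.values())


if __name__ == "__main__":
    k = 0x1234  # constructed sample key
    print("E invertible:", E_inverse(k, E(k, 0xBEEF)) == 0xBEEF)
    print("PRP E collisions over 3000 queries:", count_output_collisions(E, k, 3000))
    print("PRF F collisions over 3000 queries:", count_output_collisions(F, k, 3000))
```

The permutation's zero-collision count is what lets an adversary tell E(k, ·) apart from a random function after roughly 2^(n/2) queries; the re-keyed F shows birthday-rate collisions like a random function would. This only illustrates the structural difference; the abstract's security claims are the quantitative bounds proved in the paper, not anything this toy cipher establishes.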
References
W. Aiello and R. Venkatesan, "Foiling birthday attacks in output-doubling transformations." Advances in Cryptology — Eurocrypt 96 Proceedings, Lecture Notes in Computer Science Vol. 1070, U. Maurer ed., Springer-Verlag, 1996.
M. Bellare, O. Goldreich and H. Krawczyk, personal communications, 1995.
M. Bellare, R. Canetti and H. Krawczyk, "Pseudorandom functions revisited: The cascade construction and its concrete security." Proceedings of the 37th Symposium on Foundations of Computer Science, IEEE, 1996.
M. Bellare, A. Desai, E. Jokipii and P. Rogaway, "A concrete security treatment of symmetric encryption." Proceedings of the 38th Symposium on Foundations of Computer Science, IEEE, 1997.
M. Bellare, R. Guérin and P. Rogaway, "XOR MACs: New methods for message authentication using a finite pseudorandom function." Advances in Cryptology — Crypto 95 Proceedings, Lecture Notes in Computer Science Vol. 963, D. Coppersmith ed., Springer-Verlag, 1995.
M. Bellare, J. Kilian and P. Rogaway, "The security of cipher block chaining." Advances in Cryptology — Crypto 94 Proceedings, Lecture Notes in Computer Science Vol. 839, Y. Desmedt ed., Springer-Verlag, 1994.
M. Bellare, T. Krovetz and P. Rogaway, "Luby-Rackoff backwards: Increasing security by making block ciphers non-invertible." Full version of this paper, available at http://www-cse.ucsd.edu/users/mihir
S. Even and Y. Mansour, "A construction of a cipher from a single pseudorandom permutation." Advances in Cryptology — ASIACRYPT 91 Proceedings, Lecture Notes in Computer Science Vol. 739, H. Imai, R. Rivest and T. Matsumoto ed., Springer-Verlag, 1991.
O. Goldreich, S. Goldwasser and S. Micali, "How to construct random functions." Journal of the ACM, Vol. 33, No. 4, 1986, pp. 792–807.
S. Goldwasser and S. Micali, "Probabilistic encryption." J. of Computer and System Sciences, Vol. 28, April 1984, pp. 270–299.
J. Kilian and P. Rogaway, "How to protect DES against exhaustive key search." Advances in Cryptology — Crypto 96 Proceedings, Lecture Notes in Computer Science Vol. 1109, N. Koblitz ed., Springer-Verlag, 1996.
M. Luby, Pseudorandomness and Cryptographic Applications. Princeton University Press, 1996.
M. Luby and C. Rackoff, "How to construct pseudorandom permutations from pseudorandom functions." SIAM J. Comput., Vol. 17, No. 2, April 1988.
M. Matsui, "The first experimental cryptanalysis of the Data Encryption Standard." Advances in Cryptology — Crypto 94 Proceedings, Lecture Notes in Computer Science Vol. 839, Y. Desmedt ed., Springer-Verlag, 1994, pp. 1–11.
U. Maurer, "A simplified and generalized treatment of Luby-Rackoff pseudorandom permutation generators." Advances in Cryptology — Eurocrypt 92 Proceedings, Lecture Notes in Computer Science Vol. 658, R. Rueppel ed., Springer-Verlag, 1992, pp. 239–255.
M. Naor and O. Reingold, "On the construction of pseudo-random permutations: Luby-Rackoff revisited." Proceedings of the 29th Annual Symposium on Theory of Computing, ACM, 1997.
J. Patarin, "Improved security bounds for pseudorandom permutations." Fourth ACM Conference on Computer and Communications Security, 1997.
J. Patarin, "About Feistel schemes with six (or more) rounds." To appear in Fast Software Encryption (FSE5), March 1998.
J. Pieprzyk, "How to construct pseudorandom permutations from single pseudorandom functions." Advances in Cryptology — Eurocrypt 90 Proceedings, Lecture Notes in Computer Science Vol. 473, I. Damgård ed., Springer-Verlag, 1990, pp. 140–150.
C. Shannon, "Communication theory of secrecy systems." Bell System Technical Journal, Vol. 28, No. 4, 1949, pp. 656–715.
V. Shoup, "On fast and provably secure message authentication based on universal hashing." Advances in Cryptology — Crypto 96 Proceedings, Lecture Notes in Computer Science Vol. 1109, N. Koblitz ed., Springer-Verlag, 1996.
M. Wegman and L. Carter, "New hash functions and their use in authentication and set equality." J. of Computer and System Sciences, Vol. 22, 1981, pp. 265–279.
Y. Zheng, T. Matsumoto and H. Imai, "Impossibility and optimality results on constructing pseudorandom permutations." Advances in Cryptology — Crypto 90 Proceedings, Lecture Notes in Computer Science Vol. 537, A. J. Menezes and S. Vanstone ed., Springer-Verlag, 1990, pp. 412–422.
© 1998 Springer-Verlag Berlin Heidelberg
Cite this paper
Bellare, M., Krovetz, T., Rogaway, P. (1998). Luby-Rackoff backwards: Increasing security by making block ciphers non-invertible. In: Nyberg, K. (eds) Advances in Cryptology — EUROCRYPT'98. EUROCRYPT 1998. Lecture Notes in Computer Science, vol 1403. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0054132
DOI: https://doi.org/10.1007/BFb0054132
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-64518-4
Online ISBN: 978-3-540-69795-4