1,888 research outputs found

    How to Construct an Ideal Cipher from a Small Set of Public Permutations

    Get PDF
    We show how to construct an ideal cipher with nn-bit blocks and nn-bit keys (\emph{i.e.} a set of 2n2^n public nn-bit permutations) from a small constant number of nn-bit random public permutations. The construction that we consider is the \emph{single-key iterated Even-Mansour cipher}, which encrypts a plaintext x∈{0,1}nx\in\{0,1\}^n under a key k∈{0,1}nk\in\{0,1\}^n by alternatively xoring the key kk and applying independent random public nn-bit permutations P1,…,PrP_1,\ldots, P_r (this construction is also named a \emph{key-alternating cipher}). We analyze this construction in the plain indifferentiability framework of Maurer, Renner, and Holenstein (TCC 2004), and show that twelve rounds are sufficient to achieve indifferentiability from an ideal cipher. We also show that four rounds are necessary by exhibiting attacks for three rounds or less
    • …
    corecore