Alternating Product Ciphers: A Case for Provable Security Comparisons - (Extended Abstract)

نویسنده

  • John O. Pliam
چکیده

We formally study iterated block ciphers that alternate between two sequences of independent and identically distributed (i.i.d.) rounds. It is demonstrated that, in some cases the effect of alternating increases security, while in other cases the effect may strictly decrease security relative to the corresponding product of one of its component sequences. As this would appear to contradict conventional wisdom based on the ideal cipher approximation, we introduce new machinery for provable security comparisons. The comparisons made here simultaneously establish a coherent ordering of security metrics ranging from key-recovery cost to computational indistinguishability.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Alternating Product Ciphers: A Case for Provable Security Comparisons

We formally study iterated block ciphers that alternate between two sequences of independent and identically distributed (i.i.d.) rounds. It is demonstrated that, in some cases the effect of alternating increases security, while in other cases the effect may strictly decrease security relative to the corresponding product of one of its component sequences. As this would appear to contradict con...

متن کامل

On the computational complexity of finding a minimal basis for the guess and determine attack

Guess-and-determine attack is one of the general attacks on stream ciphers. It is a common cryptanalysis tool for evaluating security of stream ciphers. The effectiveness of this attack is based on the number of unknown bits which will be guessed by the attacker to break the cryptosystem. In this work, we present a relation between the minimum numbers of the guessed bits and uniquely restricted...

متن کامل

Key-Alternating Ciphers in a Provable Setting: Encryption Using a Small Number of Public Permutations

This paper considers—for the first time—the concept of keyalternating ciphers in a provable security setting. Key-alternating ciphers can be seen as a generalization of a construction proposed by Even and Mansour in 1991. This construction builds a block cipher PX from an n-bit permutation P and two n-bit keys k0 and k1, setting PXk0,k1(x) = k1 ⊕ P (x ⊕ k0). Here we consider a (natural) extensi...

متن کامل

The Security of Multiple Encryption in the Ideal Cipher Model

Multiple encryption—the practice of composing a blockcipher several times with itself under independent keys—has received considerable attention of late from the standpoint of provable security. Despite these efforts proving definitive security bounds (i.e., with matching attacks) has remained elusive even for the special case of triple encryption. In this paper we close the gap by improving bo...

متن کامل

Toward Provable Security Against Differential and Linear Cryptanalysis for Camellia and Related Ciphers

We present a new algorithm that evaluates provable security against differential and linear cryptanalysis for Feistel ciphers with invertible substitution-diffusion (SD)-based round functions. This algorithm computes an upper bound on the maximum expected differential or linear probability (MEDP or MELP) based on the number of rounds. We then apply our algorithm to Camellia (minus FL/FL). Previ...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2013