
Understanding the Related-Key Security of Feistel Ciphers from a Provable Perspective

by Chun Guo, et al.

We initiate the provable related-key security treatment for models of practical Feistel ciphers. In detail, we consider Feistel networks with four whitening keys _i(k) (i=0,1,2,3) and round functions of the form f(_i(k) ⊕ X), where k is the main key, _i and _i are efficient transformations, and f is a public ideal function or permutation that the adversary is allowed to query. We investigate conditions on the key schedules that are sufficient for security against XOR-induced related-key attacks up to 2^(n/2) adversarial queries. When the key schedules are non-linear, we prove security for 4 rounds. When only affine key schedules are used, we prove security for 6 rounds. These results also imply secure tweakable Feistel ciphers in the Random Oracle model. By shuffling the key schedules, our model unifies both the DES-like structure (known as the Feistel-2 scheme in the cryptanalytic community, a.k.a. key-alternating Feistel due to Lampe and Seurin, FSE 2014) and the Lucifer-like model (previously analyzed by Guo and Lin, TCC 2015). This allows us to derive concrete implications for these two (more common) models, and helps in understanding their differences, and further the related-key security of Feistel ciphers.
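As an added illustration, not code from the paper, the following Python models the construction the abstract describes: a Feistel network over a 2n-bit block with four whitening keys derived from the main key k, round functions f(g_i(k) ⊕ X) where f is public and can be evaluated directly by the adversary (SHA-256 truncated to n bits stands in for the ideal function), one GF(2)-affine key schedule and one non-linear key schedule, and an XOR-induced related-key oracle that encrypts under k ⊕ Δ for an adversary-chosen Δ. The placement of the whitening keys (two on the input halves, two on the output halves), the toy key schedules, the choice n = 64 bits, and all names (`g_i`, `affine_schedule`, `nonlinear_schedule`, `related_key_oracle`) are assumptions of this example rather than definitions taken from the paper.

```python
import hashlib
from typing import Callable, List, Tuple

N = 8            # half-block size in bytes: n = 64 bits (assumed for this example)
KEY_LEN = 2 * N  # main-key length in bytes (assumed)

Derivation = Callable[[bytes], bytes]  # a key-schedule map k -> n-bit sub-key


def xor(a: bytes, b: bytes) -> bytes:
    assert len(a) == len(b)
    return bytes(x ^ y for x, y in zip(a, b))


def public_f(x: bytes) -> bytes:
    """Stand-in for the public ideal function f: keyless, so the adversary can query it too."""
    return hashlib.sha256(b"public-f|" + x).digest()[:N]


def rotl_bytes(k: bytes, r: int) -> bytes:
    r %= len(k)
    return k[r:] + k[:r]


def affine_schedule(rounds: int) -> Tuple[List[Derivation], List[Derivation]]:
    """Toy GF(2)-affine schedule: each sub-key is a byte-rotated window of k XORed with
    a fixed public constant (rotation and truncation are GF(2)-linear; the constant makes it affine)."""
    def make(i: int, tag: bytes) -> Derivation:
        c = hashlib.sha256(b"const|" + tag + bytes([i])).digest()[:N]
        return lambda k: xor(rotl_bytes(k, i)[:N], c)
    whiten = [make(i, b"w") for i in range(4)]                 # w_0..w_3
    g = [make(i, b"g") for i in range(1, rounds + 1)]          # g_1..g_rounds
    return whiten, g


def nonlinear_schedule(rounds: int) -> Tuple[List[Derivation], List[Derivation]]:
    """Toy non-linear schedule: sub-keys are hash outputs of (tag, index, k)."""
    def make(i: int, tag: bytes) -> Derivation:
        return lambda k: hashlib.sha256(b"sched|" + tag + bytes([i]) + k).digest()[:N]
    whiten = [make(i, b"w") for i in range(4)]
    g = [make(i, b"g") for i in range(1, rounds + 1)]
    return whiten, g


def feistel_encrypt(k: bytes, pt: bytes, whiten: List[Derivation], g: List[Derivation]) -> bytes:
    """Whitening on both input halves, rounds L,R -> R, L ^ f(g_i(k) ^ R), whitening on both output halves."""
    assert len(k) == KEY_LEN and len(pt) == 2 * N
    L, R = xor(pt[:N], whiten[0](k)), xor(pt[N:], whiten[1](k))
    for gi in g:
        L, R = R, xor(L, public_f(xor(gi(k), R)))
    return xor(L, whiten[2](k)) + xor(R, whiten[3](k))


def feistel_decrypt(k: bytes, ct: bytes, whiten: List[Derivation], g: List[Derivation]) -> bytes:
    """Inverse of feistel_encrypt: undo output whitening, run rounds backwards, undo input whitening."""
    assert len(k) == KEY_LEN and len(ct) == 2 * N
    L, R = xor(ct[:N], whiten[2](k)), xor(ct[N:], whiten[3](k))
    for gi in reversed(g):
        # forward round gave (L', R') = (R, L ^ f(g ^ R)); so R = L' and L = R' ^ f(g ^ L')
        L, R = xor(R, public_f(xor(gi(k), L))), L
    return xor(L, whiten[0](k)) + xor(R, whiten[1](k))


def related_key_oracle(k: bytes, delta: bytes, pt: bytes,
                       whiten: List[Derivation], g: List[Derivation]) -> bytes:
    """XOR-induced related-key query: the adversary picks delta and gets E_{k ^ delta}(pt)."""
    return feistel_encrypt(xor(k, delta), pt, whiten, g)


if __name__ == "__main__":
    k = bytes(range(KEY_LEN))            # constructed sample key
    pt = b"sample_plaintext"             # constructed 16-byte sample block
    for name, (whiten, g) in (("affine, 6 rounds", affine_schedule(6)),
                              ("non-linear, 4 rounds", nonlinear_schedule(4))):
        ct = feistel_encrypt(k, pt, whiten, g)
        assert feistel_decrypt(k, ct, whiten, g) == pt
        delta = bytes([1]) + bytes(KEY_LEN - 1)
        print(name, ct.hex(), related_key_oracle(k, delta, pt, whiten, g).hex())
```

The round counts (6 for the affine schedule, 4 for the non-linear one) mirror the bounds stated in the abstract; the schedules themselves are deliberately simple and are meant only to make the two settings concrete, not to satisfy the paper's sufficient conditions.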



